Gail Frederick

Risk assessment in an authentication service is performed where an authorization request is received from a third-party application. Risk assessment policies for the authorization request are determined based on a class of the third-party application. The risk assessment policies are applied to the authorization request to determine an action to be performed for the authorization request, such as sending an authorization message in response to the authorization request or taking a remedial… Show more

Risk assessment in an authentication service is performed where an authorization request is received from a third-party application. Risk assessment policies for the authorization request are determined based on a class of the third-party application. The risk assessment policies are applied to the authorization request to determine an action to be performed for the authorization request, such as sending an authorization message in response to the authorization request or taking a remedial action (e.g., suspending the application, limiting the available actions, or sending a notification to a trusted security application). Show less

Technologies are shown for trust delegation that involve receiving a first request from a subject client and responding by sending a first token having first permissions to the subject client. A second request from a first actor includes the first token and responding involves linking the first actor to the subject client in a trust stack and sending a second token to the first actor with second permissions, the second token being a first complex token that identifies the subject client and the… Show more

Technologies are shown for trust delegation that involve receiving a first request from a subject client and responding by sending a first token having first permissions to the subject client. A second request from a first actor includes the first token and responding involves linking the first actor to the subject client in a trust stack and sending a second token to the first actor with second permissions, the second token being a first complex token that identifies the subject client and the first actor. A third request from a second actor includes the second token and responding to the third request involves linking the second actor to the first actor in the trust stack, and sending a third token to the second actor partner with third permissions, the third token being a second complex token that identifies the first actor and the second actor. Show less

Technologies are shown for network attribution tracking for a multi-legged transaction that involve receiving a tracking token registration request from a partner service, generating a tracking token associated with the partner service, adding an entry to an attribution stack for a transaction, where the entry associates the tracking token with the partner service, and returning the tracking token to the partner service. Receiving a tracking token request can include determining whether the… Show more

Technologies are shown for network attribution tracking for a multi-legged transaction that involve receiving a tracking token registration request from a partner service, generating a tracking token associated with the partner service, adding an entry to an attribution stack for a transaction, where the entry associates the tracking token with the partner service, and returning the tracking token to the partner service. Receiving a tracking token request can include determining whether the tracking token request includes a previously generated tracking token and using the previously generated tracking token to identify the attribution stack for the transaction. Adding an entry to an attribution stack for a transaction can include adding the entry to the attribution stack identified for the transaction. Attribution for a transaction can be obtained by accumulating attribution entities from each entry in the attribution stack identified for the transaction. Show less

(Chinese patent) Systems and methods for translating API grants for UX sessions are provided. The authorization server receives a request to access a user experience (UX) session on behalf of a user from a third party application developed by a third party. The request includes an access token previously granted to the third party application by the authorization server in response to the user agreeing to allow the third party application to perform an action on behalf of itself. In one… Show more

(Chinese patent) Systems and methods for translating API grants for UX sessions are provided. The authorization server receives a request to access a user experience (UX) session on behalf of a user from a third party application developed by a third party. The request includes an access token previously granted to the third party application by the authorization server in response to the user agreeing to allow the third party application to perform an action on behalf of itself. In one embodiment, the prior authorization includes an open authorization (OAuth). In response to receiving the request, the authorization server converts the access token into a single sign-on (SSO) link with the session token. The authorization server then returns the SSO link that includes a session token for a third party application hosted by the third party. The SSO link enables the third party application to redirect the user to the UX session corresponding to the SSO link. Show less

Technologies are shown for application risk assessment in an authentication service where an authorization request is received from a third party application calling an Application Programming Interface (API). Risk assessment policies that pertain to behavioral characteristics, such as API usage patterns or past delegation of permissions, are applied to the authorization request to obtain a risk assessment score. If the risk assessment score does not exceed a risk threshold, then an… Show more

Technologies are shown for application risk assessment in an authentication service where an authorization request is received from a third party application calling an Application Programming Interface (API). Risk assessment policies that pertain to behavioral characteristics, such as API usage patterns or past delegation of permissions, are applied to the authorization request to obtain a risk assessment score. If the risk assessment score does not exceed a risk threshold, then an authorization message is sent in response to the authorization request. If the risk assessment score exceeds the risk threshold, then remedial action, such as suspending the application, limiting the available actions, or sending a notification to a trusted security application, is executed for an account associated with the third party application. Machine learning can be applied to historical behavioral data to generate the risk assessment policies. Show less

Systems and methods for transforming an API authorization to a UX session are provided. An authorization server receives, from a third-party application developed by a third-party, a request to access a user experience (UX) session on behalf of a user. The request comprises an access token previously granted by the authorization server to the third-party application in response to consent, by the user, to allow the third-party application to perform actions on behalf of the user.

Aspects of the present disclosure relate to a multi-dimensional commerce platform that may be utilized for the communication of data. Aspects of the multi-dimensional commerce platform may include various functional components to facilitate a system to receive inventory data at a first server associated with the multi-dimensional commerce platform, provide a second server associated with a third-party (e.g., a third party seller/distributor) access to the inventory data, alter or modify the… Show more

Aspects of the present disclosure relate to a multi-dimensional commerce platform that may be utilized for the communication of data. Aspects of the multi-dimensional commerce platform may include various functional components to facilitate a system to receive inventory data at a first server associated with the multi-dimensional commerce platform, provide a second server associated with a third-party (e.g., a third party seller/distributor) access to the inventory data, alter or modify the inventory data based on attributes of the second server, and cause display of a presentation of the modified inventory data at a client device. Show less

Technologies are shown for trust delegation that involve receiving a first request from a subject client and responding by sending a first token having first permissions to the subject client. A second request from a first actor includes the first token and responding involves linking the first actor to the subject client in a trust stack and sending a second token to the first actor with second permissions, the second token being a first complex token that identifies the subject client and the… Show more

Technologies are shown for trust delegation that involve receiving a first request from a subject client and responding by sending a first token having first permissions to the subject client. A second request from a first actor includes the first token and responding involves linking the first actor to the subject client in a trust stack and sending a second token to the first actor with second permissions, the second token being a first complex token that identifies the subject client and the first actor. A third request from a second actor includes the second token and responding to the third request involves linking the second actor to the first actor in the trust stack, and sending a third token to the second actor partner with third permissions, the third token being a second complex token that identifies the first actor and the second actor. Show less

Aspects of the present disclosure relate to a multi-dimensional commerce platform that may be utilized for the communication of data. Aspects of the multi-dimensional commerce platform may include various functional components to facilitate a system to receive inventory data at a first server associated with the multi-dimensional commerce platform, provide a second server associated with a third-party (e.g., a third party seller/distributor) access to the inventory data, alter or modify the… Show more

Aspects of the present disclosure relate to a multi-dimensional commerce platform that may be utilized for the communication of data. Aspects of the multi-dimensional commerce platform may include various functional components to facilitate a system to receive inventory data at a first server associated with the multi-dimensional commerce platform, provide a second server associated with a third-party (e.g., a third party seller/distributor) access to the inventory data, alter or modify the inventory data based on attributes of the second server, and cause display of a presentation of the modified inventory data at a client device. Show less