A service provider is an entity (e.g., a business or an organization) that sells bandwidth of or access to a network (e.g., the Internet, a data network, a telecommunication network, etc.) associated with the service provider. Service providers may include telecommunications companies, data carriers, wireless communications providers, Internet service providers, cable television operators offering high-speed Internet access, etc. Service provider networks enable third party application developers to create applications that use network resources, such as location systems that determine locations of mobile communication devices. These applications make requests to a network device, such as a gateway. The network device processes the requests and sends the requests to service provider systems that provide services, such as determining the locations of mobile communication devices, messaging, and/or other services. Such service provider systems may be referred to as enablers.
The service provider network defines application programming interfaces (APIs) for third party application developers to access the capabilities of enablers in the service provider network. A third party application often needs to authenticate a person (i.e., an end user) using the third party application, and often provides some form of authentication of the end user. However, in many cases, it is preferable to have the service provider network perform this function on behalf of the third party application. For example, if a developer would like the service provider to bill for an end user's use of their application, the service provider network needs to authenticate the end user of the application. The third party application not only needs to identify the end user, but also needs to receive a level of assurance for that identification. The end user, the application, and the service provider network need to form trust relationships. Unfortunately, the APIs provided for the third party applications often do not provide an identifier for end users using the third party applications, making authentication of such end users very difficult.