This disclosure relates generally to authenticating an online end-user and, more particularly, to network-based systems and methods for using a secure authorization server to securely authenticate an identity of an end-user as well as provide end-user information to another online computing client service being accessed by the end-user.
Standards currently exist that define how an entity, such as a website or application (known as a “computing client”), can authenticate the identity of an end-user based on an authentication performed by a third-party secure authorization server, and can also obtain end-user information, such as basic profile information. This is commonly used as a way for an Internet user to log into a third-party website using the login information (e.g., username and password) of, for example, a social media website (e.g., Facebook or Twitter), without exposing that login information to the third-party website. At least one known standard in use today is the OpenID Connect protocol, which operates on top of the OAuth 2.0 protocol.
Unfortunately, these known systems have certain limitations, including certain security concerns. In addition, some of these known protocols lack many security requirements. As a result, there have been numerous security incidents and attacks exploiting vulnerabilities in these known systems in recent years.