US 12,170,696 B2
Viewing aggregate policies for authorizing an API
Andrew Curtis, San Mateo, CA (US); Mikol Graves, San Francisco, CA (US); Bryan J. Fulton, San Francisco, CA (US); Timothy L. Hinrichs, Los Altos, CA (US); Marco Sanvido, Belmont, CA (US); and Teemu Koponen, San Francisco, CA (US)
Assigned to STYRA, INC., Redwood City, CA (US)
Filed by Styra, Inc., Redwood City, CA (US)
Filed on Oct. 17, 2022, as Appl. No. 17/967,686.
Application 17/967,686 is a continuation of application No. 16/446,509, filed on Jun. 19, 2019, granted, now 11,477,238.
Claims priority of provisional application 62/839,487, filed on Apr. 26, 2019.
Claims priority of provisional application 62/785,656, filed on Dec. 27, 2018.
Claims priority of provisional application 62/746,500, filed on Oct. 16, 2018.
Prior Publication US 2023/0032313 A1, Feb. 2, 2023
This patent is subject to a terminal disclaimer.
Int. Cl. H04L 9/40 (2022.01); H04L 67/133 (2022.01)
CPC H04L 63/20 (2013.01) [H04L 63/0263 (2013.01); H04L 63/08 (2013.01); H04L 63/101 (2013.01); H04L 63/102 (2013.01); H04L 63/104 (2013.01); H04L 67/133 (2022.05)] 19 Claims
OG exemplary drawing
 
1. A method for authorizing an application programming interface (API) call made for a particular user to access a particular service, the method comprising:
receiving an authentication first policy that defines a set of one or more users of a system providing one or more services including the particular service, the set of one or more users comprising the particular user;
receiving an authorization second policy that defines access to the particular service by the set of one or more users;
generating an authorization third policy for defining access to the particular service by the set of one or more users by combining the first and second policies;
receiving a query regarding access through an API to the particular service for the particular user; and
using the third policy to provide a response to the query that describes whether the particular user is allowed to access the particular service through an API call.