US Patent No. 10,992,658

CLIENT-SIDE NATIVE APPLICATION AND BROWSER IDENTIFICATION FOR SESSION CONTROL IN PROXY SOLUTIONS


Patent No. 10,992,658
Issue Date April 27, 2021
Title Client-side Native Application And Browser Identification For Session Control In Proxy Solutions
Inventorship Itamar Azulay, Mishmar (IL)
Yossi Haber, Ganei Tikva (IL)
Assignee Microsoft Technology Licensing, LLC, Redmond, WA (US)

Claim of US Patent No. 10,992,658

1. A method for session control of a client-side native application using a browser client for an authentication process, the method comprising:in a proxy service:
receiving an authentication request from a browser client,
analyzing the authentication request to detect a native application redirect Universal Resource Locator (URL) redirecting to a native application,
if the native application redirect URL is detected, modifying the native application redirect URL to a modified URL that redirects to a policy endpoint, where the modified URL incorporates the native application redirect URL, and
returning the authentication request to the browser client with the modified URL; and
in the policy endpoint:
receiving from the browser client a redirected authentication request with the modified URL,
applying one or more predefined policy rules to the native application corresponding to the native application redirect URL incorporated in the modified URL and the browser client to determine whether the native application and the browser client is allowed or prohibited,
if the native application and the browser client are allowed, restoring the native application redirect URL in the authentication request and redirecting the authentication request to an identity provider for authentication, and
if the native application and the browser client are prohibited, sending a failure indication to the browser client.