公开(公告)号：US20240106864A1

公开(公告)日：2024-03-28

申请号：US18527887

申请日：2023-12-04

申请人： CLOUDFLARE, INC.

发明人： James Howard Royal

IPC分类号： H04L9/40

CPC分类号： H04L63/20 ,  H04L63/0807 ,  H04L63/102

摘要： A cloud-based security service that includes external evaluation for accessing a third-party application. The security service receives a request to access a third-party application from a client device. The security service enforces a set of one or more access policies configured for the third-party application including an external evaluation rule. As part of enforcing the external evaluation rule, the security service transmits an external evaluation request to an external endpoint defined in the external evaluation rule. The external evaluation request includes an identity of a user associated with the request. The security service receives the result of the external evaluation. If the external evaluation passed, the security service grants access to the third-party application based at least in part on its passing.

公开(公告)号：US11888851B2

公开(公告)日：2024-01-30

申请号：US17867355

申请日：2022-07-18

申请人： CLOUDFLARE, INC.

发明人： James Howard Royal ,  Samuel Douglas Rhea

IPC分类号： H04L29/06 ,  H04L9/40

CPC分类号： H04L63/0884 ,  H04L63/0281 ,  H04L63/20

摘要： A server transmits to a third-party application a request for a resource that is received from a client. The server receives an authentication request from the client device that has been generated by the third-party application. The server transmits an identity provider selection page to the client device that allows the client device to select an identity provider. The server causes the client device to transmit a second authentication request to a selected identity provider. The server receives an authentication response that was generated by the identity provider that includes the identity of the user. The server enforces access rule(s) including identity-based rule(s) and/or non-identity based rule(s). If the user is permitted to access the third-party application, the server causes an authentication response to be transmitted from the client device to the third-party application that indicates the user has successfully authenticated.

公开(公告)号：US20230412644A1

公开(公告)日：2023-12-21

申请号：US17936572

申请日：2022-09-29

申请人： CLOUDFLARE, INC.

发明人： James Howard Royal

IPC分类号： H04L9/40

CPC分类号： H04L63/20 ,  H04L63/102 ,  H04L63/0807

摘要： A cloud-based security service that includes external evaluation for accessing a third-party application. The security service receives a request to access a third-party application from a client device. The security service enforces a set of one or more access policies configured for the third-party application including an external evaluation rule. As part of enforcing the external evaluation rule, the security service transmits an external evaluation request to an external endpoint defined in the external evaluation rule. The external evaluation request includes an identity of a user associated with the request. The security service receives the result of the external evaluation. If the external evaluation passed, the security service grants access to the third-party application based at least in part on its passing.

公开(公告)号：US20230110111A1

公开(公告)日：2023-04-13

申请号：US17867355

申请日：2022-07-18

申请人： CLOUDFLARE, INC.

发明人： James Howard Royal ,  Samuel Douglas Rhea

IPC分类号： H04L9/40

摘要： A server transmits to a third-party application a request for a resource that is received from a client. The server receives an authentication request from the client device that has been generated by the third-party application. The server transmits an identity provider selection page to the client device that allows the client device to select an identity provider. The server causes the client device to transmit a second authentication request to a selected identity provider. The server receives an authentication response that was generated by the identity provider that includes the identity of the user. The server enforces access rule(s) including identity-based rule(s) and/or non-identity based rule(s). If the user is permitted to access the third-party application, the server causes an authentication response to be transmitted from the client device to the third-party application that indicates the user has successfully authenticated.

公开(公告)号：US20240171576A1

公开(公告)日：2024-05-23

申请号：US18425713

申请日：2024-01-29

申请人： CLOUDFLARE, INC.

发明人： James Howard Royal ,  Samuel Douglas Rhea

IPC分类号： H04L9/40

CPC分类号： H04L63/0884 ,  H04L63/0281 ,  H04L63/20

摘要： A server transmits to a third-party application a request for a resource that is received from a client. The server receives an authentication request from the client device that has been generated by the third-party application. The server transmits an identity provider selection page to the client device that allows the client device to select an identity provider. The server causes the client device to transmit a second authentication request to a selected identity provider. The server receives an authentication response that was generated by the identity provider that includes the identity of the user. The server enforces access rule(s) including identity-based rule(s) and/or non-identity based rule(s). If the user is permitted to access the third-party application, the server causes an authentication response to be transmitted from the client device to the third-party application that indicates the user has successfully authenticated.

公开(公告)号：US11838327B1

公开(公告)日：2023-12-05

申请号：US17936572

申请日：2022-09-29

申请人： CLOUDFLARE, INC.

发明人： James Howard Royal

IPC分类号： H04L9/40

CPC分类号： H04L63/20 ,  H04L63/0807 ,  H04L63/102

摘要： A cloud-based security service that includes external evaluation for accessing a third-party application. The security service receives a request to access a third-party application from a client device. The security service enforces a set of one or more access policies configured for the third-party application including an external evaluation rule. As part of enforcing the external evaluation rule, the security service transmits an external evaluation request to an external endpoint defined in the external evaluation rule. The external evaluation request includes an identity of a user associated with the request. The security service receives the result of the external evaluation. If the external evaluation passed, the security service grants access to the third-party application based at least in part on its passing.