Abstract: Computer-implemented systems and methods for authorization are provided. A system for distributed authorization includes a resource server which stores a protected resource of a resource owner and a service provider client device which provides a service which uses the protected resource. The system also includes a federated privacy exchange system configured to provide an authorization service for allowing the service provider client device to access the protected resource according to permissions data. The federated privacy exchange system includes a privacy-respecting authorization server configured to store a resource definition for the protected resource, and an agent device configured to provide an agent interface for managing credentials and controlling permissions and policies at the authorization server and store protected data including any one or more of account identifier data, authenticator data, resource server relationship data, and permissions data.
Abstract: Computer-implemented systems and methods for authorization are provided. A system for distributed authorization includes a resource server which stores a protected resource of a resource owner and a service provider client device which provides a service which uses the protected resource. The system also includes a federated privacy exchange system configured to provide an authorization service for allowing the service provider client device to access the protected resource according to permissions data. The federated privacy exchange system includes a privacy-respecting authorization server configured to store a resource definition for the protected resource, and an agent device configured to provide an agent interface for managing credentials and controlling permissions and policies at the authorization server and store protected data including any one or more of account identifier data, authenticator data, resource server relationship data, and permissions data.