one
OFFLOADING SIGNATURE GENERATION FOR API CALLS, AND APPLICATIONS THEREOF

Abstract:

The disclosed method, system, and apparatus are directed to offloading signature generation to avoid security risks, such as the ones described above. In an embodiment, an application library may receive an unsigned request (e.g., an unauthenticated API call) from an application. The unsigned request may include a target service (e.g., cloud computing resource) to which access is requested by the application. The application library may transmit the unsigned request to a signature generator. The signature generator may verify the unsigned request and generate a signature based on credential information accessible to the signature generator. The application library may receive the signature and may add the signature to the unsigned request to form a signed request (e.g., authenticated API call). The application library may transmit the signed request to the target service.