U.S. Patent No. 11,552,802 - Prepared by Attorney David Tran for Salesforce, Inc. and filed by Weaver (WAVS IP)
Brief Description: A server computing system generates a universally unique identifier (UUID) associated with a first application, the UUID to be encrypted using a private key associated with the first application to generate a first digital signature. The server computing system generates a first session key associated with the first application, the first digital signature to be encrypted using the first session key to generate a first encrypted digital signature. The server computing system encrypts the first session key using a public key associated with a second application to generate a first encrypted session key, wherein the first application and the second application are deployed with the PaaS associated with the server computing system. The server computing system transmits the UUID, the first encrypted digital signature, and the first encrypted session key to the second application using hypertext transfer protocol (HTTP) to enable the second application to authenticate the first application.

Examples of systems and methods for performing stateless mutual authentication for applications deployed with a Platform as a Service (PaaS) in an environment where TLS termination has already occurred at the router level, and TLS is not available to the applications themselves may comprise using a universally unique identifier (UUID) and a session key associated with a first application for authentication by a second application.

Each of the first application and second application may be associated with a public key and a private key. A public key exchange between the two applications may have been performed. The mutual authentication may be performed based on using the public key and the private key not associated with a certificate authority (CA) and not based on an authentication mechanism supplied by the PaaS.
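
The exchange described above, sketched in Go as an added example (not code from the patent or from Salesforce), with the sender's steps in `Seal` and the receiver's in `Open`. The description names no algorithms, so RSA-PSS for the signature, AES-256-GCM for the session-key encryption, RSA-OAEP for wrapping the session key, and every type, field and function name here are assumptions.

```go
package main // added sketch: RSA-PSS, AES-256-GCM, RSA-OAEP and all names are assumed

import (
	"crypto"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
)

type Message struct { // the three values sent over HTTP
	UUID           string
	EncSig, EncKey []byte // encrypted signature, encrypted session key
}
func NewKey() *rsa.PrivateKey { k, _ := rsa.GenerateKey(rand.Reader, 2048); return k }
func digest(s string) []byte { d := sha256.Sum256([]byte(s)); return d[:] }
func gcm(k []byte) cipher.AEAD { b, _ := aes.NewCipher(k); g, _ := cipher.NewGCM(b); return g }

// Seal (first application): sign the UUID, encrypt the signature, wrap the key.
func Seal(id string, from *rsa.PrivateKey, to *rsa.PublicKey) (*Message, error) {
	sig, err := rsa.SignPSS(rand.Reader, from, crypto.SHA256, digest(id), nil)
	if err != nil {
		return nil, err
	}
	r := make([]byte, 44) // fresh 32-byte session key r[:32], 12-byte GCM nonce r[32:]
	rand.Read(r)
	encKey, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, to, r[:32], nil)
	return &Message{id, gcm(r[:32]).Seal(r[32:], r[32:], sig, []byte(id)), encKey}, err
}

// Open (second application): unwrap the key, decrypt the signature, verify it.
func Open(m *Message, me *rsa.PrivateKey, from *rsa.PublicKey) error {
	key, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, me, m.EncKey, nil)
	if err != nil || len(key) != 32 || len(m.EncSig) < 12 {
		return fmt.Errorf("malformed message or wrong recipient key")
	}
	sig, err := gcm(key).Open(nil, m.EncSig[:12], m.EncSig[12:], []byte(m.UUID))
	if err != nil {
		return err // encrypted signature or UUID was altered in transit
	}
	return rsa.VerifyPSS(from, crypto.SHA256, digest(m.UUID), sig, nil)
}

func main() {
	a, b := NewKey(), NewKey() // public keys assumed exchanged beforehand
	m, _ := Seal("123e4567-e89b-42d3-a456-426614174000", a, &b.PublicKey) // constructed UUID
	fmt.Println("authenticated:", Open(m, b, &a.PublicKey) == nil)
}
```

Nothing in this sketch ties the message to a time or a request, so a receiver that keeps no state would accept the same three values again if they were captured and resent.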