Patent attributes
This invention is a system and method for mobile authentication using HTTP redirect in GTP tunnels. The authentication procedure generates a one-time-token that returns to the Enterprise application that requests the authentication. The authentication platform injects a HTTP redirect response to the mobile device via the GTP-U tunnel that corresponds to the GTP session of the inputted-MSISDN. The HTTP redirect response carries a URL with the one-time-token as parameter. The Enterprise application authenticates the HTTP request by comparing the one-time-token in the HTTP request parameter against the value returned by the authentication platform during its authentication request API call.