The monitoring of the authentication front-end by the authorization gateway using a simple status flag is an economical and efficient implementation.
According to a first implementation, the front-end delivery is within the broker's trust boundaries.
This implementation corresponds to the situation where the identity provider allows the broker to create the authentication front-end. However, the identity provider is able to check the allocated random token, the contextual information and the broker identifier.
According to a second implementation, the front-end delivery is on the identity provider's core service back-end, which is the back-end for the services proposed by the identity provider.
In such an implementation, the identity provider itself generates the authentication front-end script and thus additionally controls the creation of the script.
According to an advantageous feature, the broker, when embedding the URL of the authentication front-end, also embeds integrity data in the web application login page to enable a subresource integrity check.
The presence of integrity data makes it possible to check, when needed, the integrity of the authentication front-end as created at the front-end delivery.
Advantageously, the method comprises an additional step in which the user agent validates the authentication front-end integrity using a subresource integrity check after reception of the authentication front-end.
Such an integrity check enables the user agent to be sure that the authentication front-end it has received is indeed the one previously created by the front-end delivery.
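The integrity data and its validation can be illustrated as follows. This is an added example, not part of the original text: it assumes the integrity data uses the W3C Subresource Integrity format (`alg-base64digest`), and the function names, URL and script contents are constructed for illustration.

```javascript
const crypto = require('node:crypto');

// Hash algorithms defined for Subresource Integrity, weakest to strongest.
const STRENGTH = ['sha256', 'sha384', 'sha512'];

// Broker side: integrity data for the front-end as produced by the front-end delivery.
function computeIntegrity(scriptBytes, alg = 'sha384') {
  return `${alg}-${crypto.createHash(alg).update(scriptBytes).digest('base64')}`;
}

// Broker side: embed URL and integrity data in the login page (URL is a placeholder).
function buildScriptTag(url, scriptBytes) {
  const integrity = computeIntegrity(scriptBytes);
  return `<script src="${url}" integrity="${integrity}" crossorigin="anonymous"></script>`;
}

// Parse whitespace-separated "alg-digest[?options]" tokens; unknown tokens are ignored.
function parseIntegrity(attr) {
  const re = /^(sha256|sha384|sha512)-([A-Za-z0-9+\/_-]+={0,2})(\?.*)?$/;
  return attr.trim().split(/\s+/)
    .map((tok) => re.exec(tok))
    .filter(Boolean)
    .map((m) => ({ alg: m[1], digest: m[2] }));
}

// User-agent side: the received bytes must match a digest of the strongest
// algorithm listed. Browsers load the resource when no usable metadata is
// present; this example fails closed instead (an assumption made here).
function verifyIntegrity(scriptBytes, attr) {
  const entries = parseIntegrity(attr);
  if (entries.length === 0) return false;
  const best = Math.max(...entries.map((e) => STRENGTH.indexOf(e.alg)));
  return entries
    .filter((e) => STRENGTH.indexOf(e.alg) === best)
    .some((e) => {
      const expected = Buffer.from(e.digest, 'base64');
      const actual = crypto.createHash(e.alg).update(scriptBytes).digest();
      return expected.length === actual.length &&
        crypto.timingSafeEqual(expected, actual);
    });
}

// Constructed sample data: the delivered front-end and a modified copy.
const FRONT_END = Buffer.from('function showLogin(){/* constructed sample */}');
const TAMPERED = Buffer.from('function showLogin(){/* constructed, modified */}');

console.log(buildScriptTag('https://idp.example/auth-front-end.js', FRONT_END));
console.log(verifyIntegrity(TAMPERED, computeIntegrity(FRONT_END))); // false
```
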