SAP SE
Access token management for state preservation and reuse

Abstract:

Techniques are described for managing access tokens in a computing environment. A proxy service can be configured to issue a first token to a workflow engine, the first token having a substantially unlimited lifetime to not time out during the workflow duration. The first token may be provided to the workflow in place of a shorter-lifetime token that may have otherwise been requested from a backend service. The first token may be used by the workflow engine to provide authorization for operations of the workflow. On completion of the workflow, the workflow engine may send an indication to the proxy service to request interactions with the backend service. The proxy service may request a second (e.g., limited-lifetime) token from the backend service, and use the second token to interact with the backend service on behalf of the workflow, thus acting as an intermediary between the workflow and the backend service.