US Patent 10382424 Secret store for OAuth offline tokens

An authentication system includes an authentication server, an application having a proxy, and a token store. The token store receives an authentication request and sends the request to the authentication server. The authentication server authenticates the user based on the request. The token store requests an offline token from the authentication server. The authentication server sends the offline token to the token store. The token store generates a key-secret pair and stores the offline token and the key-secret pair in a database. The token store sends the authentication result of the user to the application. The application receives an authentication result and requests a key-secret pair from the token store. The token store sends the key-secret pair to the application. The key-secret pair is used to configure an agent, which adds the key-secret pair to a communication request sent to the application. The application processes the communication request.