The disclosure provides for authentication and/or authorization via persistable identity tokens, so an original identity provider (e.g., a user) does not need to be present upon initiating execution of a task. Examples include requesting a persistable token in exchange for a first live token. Based at least on the request for the persistable token complying with a first set of policies, receiving the persistable token. Based at least on a trigger event, requesting a second live token in exchange for the persistable token. Based at least on the request for the persistable token complying with a second set of policies, receiving the second live token. Based at least on receiving the second live token, initiating execution of a task using the second live token for authentication or authorization, wherein the execution of the task is contingent upon the authentication or authorization.