Abstract: In one embodiment, a method comprises receiving a request from a first party for access to controlled data, and providing access to the controlled data to a second party. The first party requests access to the controlled data and a token is provided to the first party. The token includes data associated with authorized access to the controlled data. A request for access to the controlled data including the token is later received from the second party, and access to the controlled data is provided to the second party.