Systems and methods are provided for determining an access request provided by an entity that seeks to interact with one or more backend systems through a middleware system, the access request including a genuine access token. The entity can be authenticated based on the genuine access token. When a client request is made to the middleware system with a genuine access token, the request can be made through a smart ingress and egress proxy which intercepts the request and replaces the genuine access token with an invalid access token. The middleware system can subsequently make authorized requests to downstream systems on behalf of the middleware system's client by treating the smart proxy as an egress proxy for those subsequent requests, and the smart proxy replaces the invalid access token with a genuine one.