In a multi-tiered computing environment, a first program may authenticate with a second program using dynamically-generated public/private key pairs. An authentication token is constructed that includes user information and information about the first program and the second program. The first program then digitally signs the authentication token using the dynamically-generated private key, and sends the authentication token to the second program. The second program then verifies the authentication token using the public key corresponding to the first program. Once verified, the first program is authenticated to the second program. The second program may then authenticate to a next-tier program by constructing an authentication token that includes the information in the authentication token received from the first program. This may continue to any suitable number of tiers, using dynamically-generated public/private key pairs to allow authentication between programs without requiring any user interaction or input from a system administrator.