Identification verification mechanisms for a third-party application to access content in a cloud-based platform

What is claimed is: 1. A method for providing a third-party application with access to encrypted content in a cloud-based environment, the method comprising: in response to a request to access the encrypted content of a workspace in the cloud-based environment, providing the third-party application with an identity verification of a user if the user is not already logged into the workspace, wherein the identity verification is generated from a server hosting the cloud-based environment; upon the verification of the user's identity, transmitting an authentication token to the third-party application, the authentication token allowing the third-party application to access the encrypted content of the workspace in the cloud-based environment without verifying the user's identity, wherein the authentication token includes a decryption key to decrypt the encrypted content; providing the requested encrypted content to the third-party application; decrypting the encrypted content with the decryption key included with the authentication token; and in response to receiving a request to store content in the workspace from the third-party application, preventing the third-party application from storing the content, wherein the content is exclusive of the requested encrypted content. 2. The method of claim 1 , wherein the providing is performed based on whether the user is logged into the cloud-based environment. 3. The method of claim 1 , wherein the identity verification is not generated again by the server if, upon receiving a subsequent request to access the cloud-based environment, the authentication token is present on the third-party application. 4. The method of claim 1 , wherein the authentication token automatically expires after a period of time. 5. The method of claim 1 , wherein the provided identity verification is embedded in an interface of the third-party application. 6. The method of claim 1 , wherein the request is transmitted from the third-party application. 7. The method of claim 1 , wherein the third-party application has a user interface customized to enable the storage of the accessed content back to the cloud-based environment. 8. The method of claim 1 , wherein the third-party application is listed in a list of approved third-party applications. 9. The method of claim 1 , further comprising: keeping a history of the access, the history including at least information regarding which third-party application accessed what content. 10. A system for providing a third-party application to access to encrypted content in a cloud-based environment, the system comprising: one or more processors; memory circuitry coupled to the processors and having stored thereon instructions which, when executed by at least one of the processors, causes the system to: in response to a request to access the encrypted content of a workspace in the cloud-based environment, provide the third-party application with an identity verification of a user based on whether the user is logged into the workspace in the cloud-based environment, wherein the identity verification is generated from a server hosting the cloud-based environment; upon the verification of the user's identity, transmit an authentication token to the third-party application, the authentication token allowing the third-party application to access the encrypted content of the workspace in the cloud-based environment without verifying the user's identity, wherein the authentication token includes a decryption key to decrypt the encrypted content; provide the requested encrypted content to the third-party application; decrypt the encrypted content with the decryption key included with the authentication token; and in response to receiving a request to store content in the workspace from the third-party application, prevent the third-party application from storing the content, wherein the content is exclusive of the requested encrypted content. 11. The method of claim 1 , further comprising instructing a deletion of the content provided to the third-party application. 12. The method of claim 1 , further comprising restricting the third-party application from storing the content back to the cloud-based environment. 13. A non-transitory machine readable storage medium encoded with instructions for performing a method for providing a third-party application with access to encrypted content in a cloud-based environment, the instructions comprising: in response to a request to access the encrypted content of a workspace in the cloud-based environment, provide the third-party application with an identity verification of a user if the user is not already logged into the workspace, wherein the identity verification is generated from a server hosting the cloud-based environment; upon the verification of the user's identity, transmit an authentication token to the third-party application, the authentication token allowing the third-party application to access the encrypted content of the workspace in the cloud-based environment without verifying the user's identity, wherein the authentication token includes a decryption key to decrypt the encrypted content; provide the requested encrypted content to the third-party application; decrypt the encrypted content with the decryption key included with the authentication token; and in response to receiving a request to store content in the workspace from the third-party application, prevent the third-party application from storing the content, wherein the content is exclusive of the requested encrypted content. 14. The non-transitory machine readable storage medium of claim 13 , wherein the instructions to provide are performed based on whether the user is logged into the cloud-based environment. 15. The non-transitory machine readable storage medium of claim 13 , wherein the identity verification is not generated again by the server if, upon receiving a subsequent request to access the cloud-based environment, the authentication token is present on the third-party application. 16. The non-transitory machine readable storage medium of claim 13 , wherein the authentication token automatically expires after a period of time. 17. The non-transitory machine readable storage medium of claim 13 , wherein the provided identity verification is embedded in an interface of the third-party application. 18. The non-transitory machine readable storage medium of claim 13 , wherein the request is transmitted from the third-party application. 19. The non-transitory machine readable storage medium of claim 13 , wherein the third-party application has a user interface customized to enable the storage of the accessed content back to the cloud-based environment.