ClientToken and ServerToken Security

Hello everyone,

I'm attempting to add a secured ArcGIS server to my site using token based security (the secure server does not belong to me so this is why I'm connecting via tokens rather than username or password). I've had a token generated for my ArcGIS server at maps.<ServerName>.ca by the external server which I have assumed is the ClientToken in this scenario. I also require a ServerToken when I attempt to edit the connection settings of the service could someone explain where I need to have this second token generated?