describes how to set the timeout of rest tokens....but remember this controls all of them, and this is essentially a password to your system....so, leaving it to not expire for extended periods of time is risky...but that's the information on how to set it to a longer period than an hour or so...
As to how to get a current 'valid' token to your consumer...what resource do you both have access to that you can possibly write a file to periodically that they would be able to pick up to get the 'current' token?
We faced the same issue and I'm quite sure this is not possible without developing a middleware (which was the solution for us as well). Dynatrace is just pushing an alert via webhook to any system, there is no possiblity of defining a workflow which doing this with multiple steps (as in your case step 1 generating a token, step 2 push the notification).
We developed a middleware which is getting the alerts via webhook from Dynatrace and then utilizing the Remedy REST API to create an Incident - now we are even bi-directional and enriching the CMDB with information out of Dynatrace.