Trusted Applications is a new feature available in the RSA Identity Governance & Lifecycle version 7.5 release, which provides external application access to Identity Governance and Lifecycle web services without using a specific user or account. From 'Admin -> Web Services -> Trusted Applications', trusted applications can be created to allow specific access to specified web services.

Creation of a trusted application generates a unique ID and a secret value that will be used by a specific application context. Using this ID and the secret value, applications can login to the RSA Identity Governance & Lifecycle solution with the (new) 'loginTrustedApp' webservice and obtain authentication token for the duration of the session. With this trusted application authentication token and session only specified web services can be accessed, which is configured on a trusted application by trusted application basis.

Defining a Trusted Application context:

Editing and Resetting a Client Secret for a Trusted Application:

Specifying Web Service Commands Available to a Trusted Application:

Web Service Command used by a Trusted Application to Login and Generate Session Token: