Trusted applications

Trusted Applications are an advanced security system that lets you manage third-party integrations with your AIsuru PaaS platform in a granular way. This feature is essential for maintaining control and security when other applications or services need access to your instance's APIs.

What are Trusted Applications

Trusted Applications are external services authorized to access your PaaS platform's APIs. Each registered application receives:

• A unique API key for authentication

• Specific permissions defined by you

• Access monitoring and usage tracking

• Granular control over accessible features

What they're used for

Trusted Applications are essential for:

1. Secure integrations: Connecting CRM, ERP, or other business applications to your AI

2. Custom app development: Letting your developers build applications that use your Agents

3. Automations: Setting up automated systems that interact with Agents

4. Access control: Limiting and monitoring who can use your APIs

5. Compliance: Keeping an audit trail of access for security purposes

How to access the management section

To manage Trusted Applications:

1. Log in to your AIsuru PaaS with an admin account

2. Go to the Admin section in the sidebar

3. Select Trusted Applications

Creating a new Trusted Application

To register a new application:

1. On the main page, click CREATE

2. Fill in the required fields:

   • Application Name: An identifying name (e.g. "CRM System")

   • Base URL: The address of the service that will access the APIs

   • Description: Brief description of the intended use

3. API Key management:

   • The key is generated automatically

   • You can copy it using the Copy button

   • You can regenerate it with Generate Key if needed

4. Click CREATE to confirm

⚠️ Important: Save the API key somewhere safe. It won't be visible again after creation for security reasons.

Managing existing applications

From the main table you can:

• View the status of each application (active/inactive)

• Monitor the creation date for auditing

• Edit the settings of existing applications

• Revoke access by deleting the application

• View the registered base URL

The table columns show:

• Name: Application's identifying name

• Status: Active/Inactive

• Base URL: Authorized domain

• API Key: Key status (hidden for security)

• Creation Date: When it was registered

• Actions: Edit, delete, manage permissions

Security Best Practices

1. Principle of least privilege: Grant only the permissions that are strictly necessary

2. Key rotation: Periodically regenerate API keys

3. Monitoring: Regularly check access and usage

4. Documentation: Keep track of what each application does

5. Immediate revocation: Remove access immediately for applications no longer in use

Using API Keys

Once the application is created, use the API key to authenticate requests:

Monitoring and Auditing

Trusted Applications offer full traceability:

• Access history for each application

• API usage metrics

• Security logs to identify anomalies

• Compliance reports for external audits

Trusted Application management provides enterprise-grade security for your PaaS platform, letting you integrate external systems while maintaining full control over access and permissions.