# Trusted applications **Trusted Applications** are an advanced security system that lets you manage third-party integrations with your AIsuru PaaS platform in a granular way. This feature is essential for maintaining control and security when other applications or services need access to your instance's APIs. #### What are Trusted Applications Trusted Applications are **external services authorized** to access your PaaS platform's APIs. Each registered application receives: * A **unique API key** for authentication * **Specific permissions** defined by you * **Access monitoring** and usage tracking * **Granular control** over accessible features #### What they're used for Trusted Applications are essential for: 1. **Secure integrations**: Connecting CRM, ERP, or other business applications to your AI 2. **Custom app development**: Letting your developers build applications that use your Agents 3. **Automations**: Setting up automated systems that interact with Agents 4. **Access control**: Limiting and monitoring who can use your APIs 5. **Compliance**: Keeping an audit trail of access for security purposes #### How to access the management section To manage Trusted Applications: 1. Log in to your AIsuru PaaS with an **admin** account 2. Go to the **Admin** section in the sidebar 3. Select **Trusted Applications** #### Creating a new Trusted Application To register a new application: 1. On the main page, click **CREATE** 2. Fill in the required fields: * **Application Name**: An identifying name (e.g. "CRM System") * **Base URL**: The address of the service that will access the APIs * **Description**: Brief description of the intended use 3. **API Key management**: * The key is generated automatically * You can copy it using the **Copy** button * You can regenerate it with **Generate Key** if needed 4. Click **CREATE** to confirm ⚠️ **Important**: Save the API key somewhere safe. It won't be visible again after creation for security reasons. #### Managing existing applications From the main table you can: * **View the status** of each application (active/inactive) * **Monitor the creation date** for auditing * **Edit the settings** of existing applications * **Revoke access** by deleting the application * **View the registered base URL** The table columns show: * **Name**: Application's identifying name * **Status**: Active/Inactive * **Base URL**: Authorized domain * **API Key**: Key status (hidden for security) * **Creation Date**: When it was registered * **Actions**: Edit, delete, manage permissions #### Security Best Practices 1. **Principle of least privilege**: Grant only the permissions that are strictly necessary 2. **Key rotation**: Periodically regenerate API keys 3. **Monitoring**: Regularly check access and usage 4. **Documentation**: Keep track of what each application does 5. **Immediate revocation**: Remove access immediately for applications no longer in use #### Using API Keys Once the application is created, use the API key to authenticate requests: ```bash curl -H "Authorization: Bearer YOUR_API_KEY" \ -H "Content-Type: application/json" \ https://your-paas.aisuru.com/api/v2/endpoint ``` #### Monitoring and Auditing Trusted Applications offer full traceability: * **Access history** for each application * **API usage metrics** * **Security logs** to identify anomalies * **Compliance reports** for external audits Trusted Application management provides enterprise-grade security for your PaaS platform, letting you integrate external systems while maintaining full control over access and permissions. --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.aisuru.com/en/paas/admin-panel/trusted-applications.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.