Login as Trusted Application
Create a token for a trusted application, which can then be passed to other web services.
POST https://instance.securid.com/aveksa/command.submit?cmd=loginTrustedApp
The Client Id, Client Secret, and Auth URL are found on the Admin > Web Services > Trusted Application page.
Each call to loginTrustedApp creates a new concurrent session. The server enforces a per-application session limit. If the limit is exceeded, the server returns:
Concurrent session limit exceeded for this trusted application
There is no explicit logout command for trusted application tokens. Sessions expire automatically after the configured timeout. To avoid hitting the limit, reuse tokens across requests within a session instead of calling loginTrustedApp before each request.
Request
Parameters
| loginTrustedApp | |
| format | properties - (Default) Returns the response as key=value pairs.json - Returns the response as JSON. |
Headers
| The client ID of the trusted application | |
| The client secret of the trusted application | |
| Accept | application/json |
| Content-Type | application/json |
Response
Parameters
token | The security token for this trusted application. Pass as Authorization: Bearer in subsequent requests. |
Examples
Request
- Curl
- Python
- Node.js
curl -K -X POST \
"https://instance.securid.com/aveksa/command.submit?cmd=loginTrustedApp&format=json" \
-H "ClientId: <client-id>" \
-H "ClientSecret: <client-secret>" \
-H "Content-Type: application/json"
import requests
url = "https://instance.securid.com/aveksa/command.submit"
params = {
"cmd": "loginTrustedApp",
"format": "json"
}
headers = {
'ClientId': '<client-id>',
'ClientSecret': '<client-secret>',
'Content-Type': 'application/json'
}
response = requests.post(url, params=params, headers=headers)
if response.status_code == 200:
token = response.json().get("token")
print(f"Token: {token}")
else:
print(f"Request failed with status code {response.status_code}")
const axios = require('axios');
const url = "https://instance.securid.com/aveksa/command.submit";
const params = {
cmd: "loginTrustedApp",
format: "json"
};
const headers = {
'ClientId': '<client-id>',
'ClientSecret': '<client-secret>',
'Content-Type': 'application/json'
};
axios.post(url, null, { params, headers })
.then(response => {
if (response.status === 200) {
const token = response.data?.token;
console.log(`Token: ${token}`);
} else {
console.log(`Request failed with status code ${response.status}`);
}
})
.catch(error => {
console.error('Error:', error);
});
Response
- 200
- 401 Invalid Credentials
- 401 Missing ClientSecret
The token is returned at the top level, not nested inside a data object.
{
"token": "ta31012485e36e3be2c9:-28aff589:18a2295240d:-7bcd"
}
Returned when the ClientId or ClientSecret is incorrect, or when ClientId is missing.
<html>
<head>
<title>Error</title>
</head>
<body>Application could not be validated
Query String=cmd=loginTrustedApp&format=json</body>
</html>
Returned when the ClientSecret header is missing entirely.
<html>
<head>
<title>Error</title>
</head>
<body>Error occurred logging application : null
Query String=cmd=loginTrustedApp&format=json</body>
</html>
Verified with RSA Governance & Lifecycle version 8.0.0.188886 P10_HF01.