The rules that decide which workload may receive access under federation. In practice, trust policy binds claims such as repository, branch, environment, or runner posture to specific permissions, making it the control point that replaces the old stored secret.
Expanded Definition
Trust policy is the control logic that decides whether a workload, pipeline, or agent may assume an identity or receive permissions in a federation flow. It is not a secret store, and it is not merely a role mapping. The policy evaluates claims such as repository, branch, environment, runner posture, audience, issuer, and token age before issuing access.
In NHI practice, trust policy sits at the boundary between authentication and authorisation. For example, a GitHub Actions workflow may be trusted only when it runs from a protected branch in a specific repository, while a deployment agent may be trusted only from a hardened runner in a known environment. This is why definitions vary across vendors: some tools call it federation policy, others call it workload identity trust, and others expose the same idea through claim conditions. No single standard governs this yet, but the operational purpose is consistent across the industry. The closest external framing is found in NIST Cybersecurity Framework 2.0, which emphasises access governance and continuous control. The most common misapplication is treating trust policy as a one-time setup, which occurs when teams bind broad claims once and never revisit them after repository, runner, or environment changes.
Examples and Use Cases
Implementing trust policy rigorously often introduces deployment friction, requiring organisations to weigh faster automation against tighter admission checks and more frequent policy maintenance.
- A CI/CD system allows token issuance only when the workflow originates from a protected branch and a signed commit, reducing the chance that a forked pipeline can mint production access. This aligns with the lifecycle guidance in Ultimate Guide to NHIs — Lifecycle Processes for Managing NHIs.
- A cloud workload identity is trusted only if the pod name, namespace, and attested runtime posture match the expected claims. That approach mirrors zero trust thinking in NIST Cybersecurity Framework 2.0.
- An AI agent receives scoped access only after the issuer validates the agent runtime, tool audience, and environment label, which prevents a cloned agent from inheriting production privileges.
- A federation provider permits access to secrets only when the request comes from an approved repository and a specific deployment stage, reflecting the risk themes described in Top 10 NHI Issues.
- A compliance team uses trust policy to separate build, test, and production claims so that review evidence can be shown during audits, especially where federated access replaces static credentials.
Why It Matters in NHI Security
Trust policy matters because it determines whether federated access is genuinely constrained or merely appears constrained. When policies are too broad, attackers can replay tokens, abuse misconfigured claims, or move from a compromised repository into production access. When policies are too narrow, automation breaks and teams create workarounds that reintroduce stored secrets. That is why trust policy should be reviewed alongside rotation, offboarding, and audit evidence in the context described by Ultimate Guide to NHIs — Regulatory and Audit Perspectives.
NHIMG research shows that Ultimate Guide to NHIs — Lifecycle Processes for Managing NHIs reports 97% of NHIs carry excessive privileges, which makes over-trusted federation rules especially dangerous. In practice, trust policy is a Zero Trust control that supports ZSP by limiting which workload can even ask for access, not just which role it receives afterward. It also reinforces governance expectations in NIST CSF 2.0 by making access conditions explicit and reviewable. Organisations typically encounter trust policy failures only after a token is abused, a pipeline is hijacked, or an audit flags uncontrolled federated access, at which point the concept becomes operationally unavoidable to address.
Standards & Framework Alignment
This section maps relevant standards and security frameworks to the operational risks and controls described in this guidance.
OWASP Non-Human Identity Top 10 address the attack and risk surface, while NIST Zero Trust (SP 800-207) and NIST CSF 2.0 set the governance and control requirements practitioners need to meet.
| Framework | Control / Reference | Relevance |
|---|---|---|
| OWASP Non-Human Identity Top 10 | NHI-03 | Covers federated workload identity and trust-bound access decisions. |
| NIST Zero Trust (SP 800-207) | PA-1 | Zero Trust requires explicit, continuous verification before access is granted. |
| NIST CSF 2.0 | PR.AC-1 | Access permissions should be managed through explicit policy and least privilege. |
Validate each workload request against policy conditions before issuing access tokens.
Related resources from NHI Mgmt Group
Deepen Your Knowledge
Reviewed and updated by the NHIMG editorial team on May 30, 2026.
NHI Mgmt Group — the #1 independent authority on Non-Human Identity, IAM, and Agentic AI security. nhimg.org
