Users can create Application Credentials to allow their applications to authenticate to the OpenStack Identity service. 

Users can delegate a subset of their role assignments on a project to an Application Credential, granting the application the same or restricted authorisation to a project. 

With application credentials, applications authenticate with the application credential ID and a secret string, which is different from the user’s password. This way, the user’s password is not embedded in the application’s configuration.

Create a new Application Credentials

The application credentials can be created from the Openstack Horizon dashboard by going to the left panel Identity → Application Credentials and selecting "Create Application Credentials"

A dialog panel appears, showing the relevant options and related description. Credentials "Name" is the only mandatory field. Roles mapping between EWC IAM user and OpenStack Horizon Service are described here: EWC Cloud Management UI - User Roles and Permissions

Once created the Secret will be shown just once. It should be copied and saved in a safe place.