The concept of "Application/Subscription Trust" only applies to APIs which are secured using OAuth2.
In terms of API subscriptions, an application can have a "trusted", or a "normal" subscription to an API. The difference between the two is that a trusted subscription will implicitly always be trusted by the API Management system to access all scopes of the API, even without asking for permission to the user.
Usually, when an application wants to access an API on behalf of an end user, the API Management system will ask the user to "grant access" to the API for the application on behalf of himself. If the application's subscription is a "trusted" subscription, the API Management will automatically assume that the user grants all scopes to the application, without asking.
Normally, only the "main" application which uses an API, i.e. the application which is tied most to the API, has a trusted subscription (as this is what the end user also would expect). All other subscriptions to the API are usually "normal" subscriptions which would require the end user to explicitly grant access to the application for his own personal data.
The concept of trusted subscriptions has the following implications which are also important to the application developer: