You could set up a non administrator group with access to the mashup and related services/entities. You could assign an appkey to that group and then access the mashup via the appkey.
Hi Polina Osipova,
ThankYou for the response. With the help of appKey Do we need to give visibility and runtime permission to every entity such as mashups, things, thingtemplates, datatables and other media files used by Mashup. or Is there any way other than administrator group to give permission to the new user.
Because I found giving permission to every entity is cumbersome.
Madhu Nalla: You should create a user group and assign visibility& runtime permissions on required entities to this user group. This will be a one time activity needs to be done and then should add any required user to the user group to automatically get right permissions.
You may also out other threads to programmatically setting permissions
For convenience, you may look into setting up the System User The use of System User
Setting up the security "layer by layer" is generally the best practice that could maximuze the protection of your application.