Techniques are presented for efficiently provisioning application-agnostic resource access to a variety of applications without modification to the native access control mechanisms of the applications and without transmission of a user's credentials over the network. A user of an application is authenticated by an authorization provider. An access token for the authenticated user is generated. A session password is generated based at least in part on the access token. The session password is applied by the user to the native access control mechanism of an application to facilitate access to resources (e.g., set of subject data) by the application. The resource access is achieved without modification to the native access control mechanism of the application and without transmission of the credentials (e.g., username, password, etc.) of the user over the network.