You propose a reasonable solution but I can think of an alternative. Dealing with threads can be a pain in ASP.NET applications. Not impossible but a pain. Are you spawning a thread so that your task can run under a separate identity, or is it because the task can be long running, or both? Another thing to consider is how you authenticate users. You will need to know how to impersonate another user account with ASP.NET.
Depending on load and other factors it might be better to introduce a queue into your applications (in a database, or using MSMQ, Rhino Queues, or similar). When a request comes in validate it. If it is OK then dump it into the queue and return a correlation ID to the client. The client can check the status of the task using this ID.
Your queue could be stored in a database or you can use a specific queuing API/system. Create a separate app that runs as scheduled job, or Windows service. This application would run under a separate ID from clients that call your web service, and does the work you would do on the other thread. When the queued work is completed, the database updated with the status.
By doing this you avoid having any special code in your ASP.NET application and have a clean distinct interface between your concerns. If a task fails, say a 3rd party application you are setting up is offline, then you have an opportunity to retry the operation. I've found this method to be easier to monitor too. If an application is offline, it also lets you continue to accept incoming requests without too much difficulty.
