Configuring the Veza integration for MuleSoft Anypoint Platform
Last updated
Was this helpful?
The MuleSoft integration enables organizations to monitor and manage access controls across their MuleSoft Anypoint Platform cloud environment. This integration provides visibility into user access patterns, role assignments, and team structures within MuleSoft.
The integration enables:
Discovery of MuleSoft organization user access and permissions, incluuding role assignments and team memberships
Tracking of administrative privileges, role group assignments, and and security configurations
Analysis of user activity, correlating Mulesoft users to external identities (Okta, Azure AD)
See for more details.
To set up the integration, you'll need to create a Connected App in MuleSoft with appropriate permissions.
Administrator access to your MuleSoft Anypoint Platform organization
Permissions to create and manage Connected Apps
The following API scopes available for assignment:
Access Controls Viewer
View Organization
View Users in a particular organization
A Veza admin account with permissions to create integrations
Note: This integration currently supports Anypoint Platform cloud deployments. Self-hosted MuleSoft deployments are not supported.
Navigate to Access Management in your MuleSoft Anypoint Platform
Click Connected Apps in the navigation menu
In the Owned Apps section, click Create App
Complete the following fields:
Name: Enter a unique name for your integration
Type: Select "App acts on its own behalf (client credentials)"
Click Save to create the Connected App
Click "Add Scopes" and select the following required scopes:
Access Controls Viewer
View Organization
View Users in a particular organization
Save the scope configuration
Note down the Client ID and Client Secret for use in Veza configuration
In Veza, go to the Integrations page
Click Add Integration and search for MuleSoft. Click on the tile to add an integration
Enter the required information
Click Create Integration to save the configuration
Name
A friendly name to identify this integration
Client ID
Client ID from the MuleSoft Connected App
Client Secret
Client Secret from the MuleSoft Connected App
The organization entity represents your MuleSoft Anypoint Platform organization and its configuration.
org_id
Unique identifier for the organization
org_name
Display name of the organization
mfa_required
MFA requirement status for the organization
org_type
Type of organization
domain
Organization's domain
subscription_category
Subscription level category
subscription_type
Type of subscription
subscription_expiration
Expiration date of current subscription
subscription_justification
Justification for subscription type
created_at
Organization creation timestamp
updated_at
Last update timestamp
deleted_at
Deletion timestamp (if applicable)
Users represent individuals with access to the MuleSoft platform.
id
Unique identifier for the user
username
User's login name
name
Display name (combination of first and last name)
email
Email address
first_name
User's first name
last_name
User's last name
enabled
Whether the user account is active
created_at
Account creation timestamp
updated_at
Last update timestamp
last_login
Most recent login timestamp
mfa_verifiers_configured
Whether MFA verification is set up
mfa_verification_excluded
Whether user is excluded from MFA requirements
is_federated
Whether the user is managed by an identity provider
type
User type classification
password_updated_at
Last password change timestamp
Groups represent organizational structures within MuleSoft.
team_id
Unique identifier for the team
team_name
Display name of the team
team_type
Classification of team
created_at
Team creation timestamp
updated_at
Last update timestamp
Roles define sets of permissions that can be assigned to users and groups.
role_id
Unique identifier for the role
name
Display name of the role
description
Detailed description of the role's purpose
editable
Whether the role can be modified
created_at
Role creation timestamp
updated_at
Last update timestamp
The ownership of the Connected App used for integration automatically transfers to the root organization owner if the creating user:
Is deleted from the system
Is removed from the root organization
Loses administrative privileges
Organization administrators can modify Connected App ownership through Access Management > Connected Apps > Owned Apps.
See the for more details.
