# MuleSoft

### Overview

The MuleSoft integration enables organizations to monitor and manage access controls across their MuleSoft Anypoint Platform cloud environment. This integration provides visibility into user access patterns, role assignments, and team structures within MuleSoft.

The integration enables:

* Discovery of MuleSoft organization user access and permissions, incluuding role assignments and team memberships
* Tracking of administrative privileges, role group assignments, and and security configurations
* Analysis of user activity, correlating Mulesoft users to external identities (Okta, Azure AD)

See [notes and supported entities](#notes-and-supported-entities) for more details.

### Configuring MuleSoft

To set up the integration, you'll need to create a Connected App in MuleSoft with appropriate permissions.

#### Requirements

* Administrator access to your MuleSoft Anypoint Platform organization
* Permissions to create and manage Connected Apps
* The following API scopes available for assignment:
  * Access Controls Viewer
  * View Organization
  * View Users in a particular organization
* A Veza admin account with permissions to create integrations

> **Note**: This integration currently supports Anypoint Platform cloud deployments. Self-hosted MuleSoft deployments are not supported.

#### Creating a Connected App

1. Navigate to **Access Management** in your MuleSoft Anypoint Platform
2. Click **Connected Apps** in the navigation menu

   ![MuleSoft connected apps.](/files/MEnnDKZN6qLdZSVIqxlD)
3. In the Owned Apps section, click **Create App**

   ![Configure a connected app.](/files/FdQCIJF218hQXtKMclJM)
4. Complete the following fields:
   * **Name**: Enter a unique name for your integration
   * **Type**: Select "App acts on its own behalf (client credentials)"
5. Click **Save** to create the Connected App

#### Configuring Required Scopes

1. Click "Add Scopes" and select the following required scopes:
   * Access Controls Viewer
   * View Organization
   * View Users in a particular organization
2. Save the scope configuration
3. Note down the **Client ID** and **Client Secret** for use in Veza configuration

![Add scopes for the connected app.](/files/Tv7kpeW4JRZc301JvoCB)

See the [MuleSoft Access Management documentation](https://docs.mulesoft.com/access-management/) for more details.

### Configuring MuleSoft on the Veza Platform

1. In Veza, go to the **Integrations** page
2. Click *Add Integration* and search for MuleSoft. Click on the tile to add an integration
3. Enter the required information
4. Click *Create Integration* to save the configuration

| Field         | Notes                                         |
| ------------- | --------------------------------------------- |
| Name          | A friendly name to identify this integration  |
| Client ID     | Client ID from the MuleSoft Connected App     |
| Client Secret | Client Secret from the MuleSoft Connected App |

### Notes and Supported Entities

#### Organization

The organization entity represents your MuleSoft Anypoint Platform organization and its configuration.

| Attribute                    | Notes                                       |
| ---------------------------- | ------------------------------------------- |
| `org_id`                     | Unique identifier for the organization      |
| `org_name`                   | Display name of the organization            |
| `mfa_required`               | MFA requirement status for the organization |
| `org_type`                   | Type of organization                        |
| `domain`                     | Organization's domain                       |
| `subscription_category`      | Subscription level category                 |
| `subscription_type`          | Type of subscription                        |
| `subscription_expiration`    | Expiration date of current subscription     |
| `subscription_justification` | Justification for subscription type         |
| `created_at`                 | Organization creation timestamp             |
| `updated_at`                 | Last update timestamp                       |
| `deleted_at`                 | Deletion timestamp (if applicable)          |

#### Users

Users represent individuals with access to the MuleSoft platform.

| Attribute                   | Notes                                               |
| --------------------------- | --------------------------------------------------- |
| `id`                        | Unique identifier for the user                      |
| `username`                  | User's login name                                   |
| `name`                      | Display name (combination of first and last name)   |
| `email`                     | Email address                                       |
| `first_name`                | User's first name                                   |
| `last_name`                 | User's last name                                    |
| `enabled`                   | Whether the user account is active                  |
| `created_at`                | Account creation timestamp                          |
| `updated_at`                | Last update timestamp                               |
| `last_login`                | Most recent login timestamp                         |
| `mfa_verifiers_configured`  | Whether MFA verification is set up                  |
| `mfa_verification_excluded` | Whether user is excluded from MFA requirements      |
| `is_federated`              | Whether the user is managed by an identity provider |
| `type`                      | User type classification                            |
| `password_updated_at`       | Last password change timestamp                      |

#### Groups (Teams)

Groups represent organizational structures within MuleSoft.

| Attribute    | Notes                          |
| ------------ | ------------------------------ |
| `team_id`    | Unique identifier for the team |
| `team_name`  | Display name of the team       |
| `team_type`  | Classification of team         |
| `created_at` | Team creation timestamp        |
| `updated_at` | Last update timestamp          |

#### Roles

Roles define sets of permissions that can be assigned to users and groups.

| Attribute     | Notes                                      |
| ------------- | ------------------------------------------ |
| `role_id`     | Unique identifier for the role             |
| `name`        | Display name of the role                   |
| `description` | Detailed description of the role's purpose |
| `editable`    | Whether the role can be modified           |
| `created_at`  | Role creation timestamp                    |
| `updated_at`  | Last update timestamp                      |

#### Connected App Ownership

The ownership of the Connected App used for integration automatically transfers to the root organization owner if the creating user:

* Is deleted from the system
* Is removed from the root organization
* Loses administrative privileges

Organization administrators can modify Connected App ownership through Access Management > Connected Apps > Owned Apps.


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.veza.com/4yItIzMvkpAvMVFAamTf/integrations/integrations/mulesoft.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.