MuleSoft

Configuring the Veza integration for MuleSoft Anypoint Platform

Overview

The MuleSoft integration enables organizations to monitor and manage access controls across their MuleSoft Anypoint Platform cloud environment. This integration provides visibility into user access patterns, role assignments, and team structures within MuleSoft.

The integration enables:

  • Discovery of MuleSoft organization user access and permissions, incluuding role assignments and team memberships

  • Tracking of administrative privileges, role group assignments, and and security configurations

  • Analysis of user activity, correlating Mulesoft users to external identities (Okta, Azure AD)

See notes and supported entities for more details.

Configuring MuleSoft

To set up the integration, you'll need to create a Connected App in MuleSoft with appropriate permissions.

Requirements

  • Administrator access to your MuleSoft Anypoint Platform organization

  • Permissions to create and manage Connected Apps

  • The following API scopes available for assignment:

    • Access Controls Viewer

    • View Organization

    • View Users in a particular organization

  • A Veza admin account with permissions to create integrations

Note: This integration currently supports Anypoint Platform cloud deployments. Self-hosted MuleSoft deployments are not supported.

Creating a Connected App

  1. Navigate to Access Management in your MuleSoft Anypoint Platform

  2. Click Connected Apps in the navigation menu

  3. In the Owned Apps section, click Create App

  4. Complete the following fields:

    • Name: Enter a unique name for your integration

    • Type: Select "App acts on its own behalf (client credentials)"

  5. Click Save to create the Connected App

Configuring Required Scopes

  1. Click "Add Scopes" and select the following required scopes:

    • Access Controls Viewer

    • View Organization

    • View Users in a particular organization

  2. Save the scope configuration

  3. Note down the Client ID and Client Secret for use in Veza configuration

See the MuleSoft Access Management documentation for more details.

Configuring MuleSoft on the Veza Platform

  1. In Veza, go to the Integrations page

  2. Click Add Integration and search for MuleSoft. Click on the tile to add an integration

  3. Enter the required information

  4. Click Create Integration to save the configuration

Field
Notes

Name

A friendly name to identify this integration

Client ID

Client ID from the MuleSoft Connected App

Client Secret

Client Secret from the MuleSoft Connected App

Notes and Supported Entities

Organization

The organization entity represents your MuleSoft Anypoint Platform organization and its configuration.

Attribute
Notes

org_id

Unique identifier for the organization

org_name

Display name of the organization

mfa_required

MFA requirement status for the organization

org_type

Type of organization

domain

Organization's domain

subscription_category

Subscription level category

subscription_type

Type of subscription

subscription_expiration

Expiration date of current subscription

subscription_justification

Justification for subscription type

created_at

Organization creation timestamp

updated_at

Last update timestamp

deleted_at

Deletion timestamp (if applicable)

Users

Users represent individuals with access to the MuleSoft platform.

Attribute
Notes

id

Unique identifier for the user

username

User's login name

name

Display name (combination of first and last name)

email

Email address

first_name

User's first name

last_name

User's last name

enabled

Whether the user account is active

created_at

Account creation timestamp

updated_at

Last update timestamp

last_login

Most recent login timestamp

mfa_verifiers_configured

Whether MFA verification is set up

mfa_verification_excluded

Whether user is excluded from MFA requirements

is_federated

Whether the user is managed by an identity provider

type

User type classification

password_updated_at

Last password change timestamp

Groups (Teams)

Groups represent organizational structures within MuleSoft.

Attribute
Notes

team_id

Unique identifier for the team

team_name

Display name of the team

team_type

Classification of team

created_at

Team creation timestamp

updated_at

Last update timestamp

Roles

Roles define sets of permissions that can be assigned to users and groups.

Attribute
Notes

role_id

Unique identifier for the role

name

Display name of the role

description

Detailed description of the role's purpose

editable

Whether the role can be modified

created_at

Role creation timestamp

updated_at

Last update timestamp

Connected App Ownership

The ownership of the Connected App used for integration automatically transfers to the root organization owner if the creating user:

  • Is deleted from the system

  • Is removed from the root organization

  • Loses administrative privileges

Organization administrators can modify Connected App ownership through Access Management > Connected Apps > Owned Apps.

Last updated

Was this helpful?