The Connected Apps feature provides a framework that enables an external application to integrate with Anypoint Platform using APIs through OAuth 2.0 and OpenID Connect. Connected apps help users delegate their access without sharing sensitive credentials or giving full control of their accounts to third parties. Actions taken by connected apps are audited, and users can also revoke access at any time. Note that some products do not currently include client IDs in this release of the Connected Apps feature. The Connected Apps feature enables you to use secure authentication protocols and control an app’s access to user data. Additionally, end users can authorize the app to access their Anypoint Platform data.
Anypoint Platform supports OAuth 2.0 and OpenID Connect to authorize apps to access data within Anypoint Platform. OAuth (Open Authorization) is an open protocol that provides secure API authorization from applications in a simple and standardized way. OAuth can authorize access to resources without revealing user credentials to apps. OpenID Connect identifies the end user and obtains information to pass to OAuth 2.0 connected apps.
You can use the Connected Apps feature to create a seamless authentication experience for end users. Connected apps address use cases for the following types of users:
An organization administrator can control how their organization’s data is used by whitelisting apps, revoking access, and disabling this feature for the entire organization.
An organization administrator who is developing a connected app can register new (and manage existing) apps within their organization.
An end user can authorize apps to access particular information, such as viewing assets in Anypoint Exchange.