Connected Apps

The Connected Apps feature provides a framework that enables an external application to integrate with Anypoint Platform using APIs through OAuth 2.0 and OpenID Connect. Connected Apps help users delegate their access without sharing sensitive credentials or giving full control of their applications to third parties. Actions taken by connected apps are audited, and users can revoke access at any time. The Connected Apps feature enables you to use secure authentication protocols and control an app’s access to user data.

Authentication and Authorization

Anypoint Platform supports OAuth 2.0 and OpenID Connect to authorize apps to access data within Anypoint Platform. OAuth (Open Authorization) is an open protocol that provides secure API authorization from applications in a simple and standardized way. OAuth can authorize access to resources without revealing user credentials to apps. OpenID Connect identifies the end user and obtains information to pass to OAuth 2.0 connected apps.

For more information, see OAuth 2.0 and OpenID Connect.

Access and Authorization

You can use the Connected Apps feature to create a seamless authentication experience for end users. Connected apps address use cases for the following types of users:

An organization administrator can control how their organization’s data is used by allowlisting apps, revoking access, and disabling this feature for the entire organization.
An organization administrator who is developing a connected app can register new (and manage existing) apps at the root organization or business group level.
An end user can authorize apps to access particular information, such as viewing assets in Anypoint Exchange.

There are two types of connected apps supporting different grant types:

Type	Description	Supported grant types	Example use cases
App that acts on behalf of a user	Authorized by a user to act on their behalf	Authorization Code Password JWT Bearer	Productizing additional third-party applications on top of Anypoint Platform.
App that acts on its own behalf	Acts on its own behalf without impersonating a user. The app can be used only in the organization where it is created.	Client Credentials	Automation scenarios such as building or accessing CI/CD pipelines without user intervention.

Type

Description

Supported grant types

Example use cases

App that acts on behalf of a user

Authorized by a user to act on their behalf

Authorization Code
Password
JWT Bearer

Productizing additional third-party applications on top of Anypoint Platform.

App that acts on its own behalf

Acts on its own behalf without impersonating a user. The app can be used only in the organization where it is created.

Client Credentials

Automation scenarios such as building or accessing CI/CD pipelines without user intervention.

Connected Apps

Authentication and Authorization

Access and Authorization

See Also