Contact Free trial Login

Organization

When you create an Anypoint Platform account, a master (or root) organization is created, and you are assigned as the owner of the organization. Organization owners automatically inherit the Organization Administrators role.

The organization name is the name you entered in the Company field in the initial Anypoint Platform signup form. You can change the name in the organization settings.

An organization is an account where multiple users can share resources, including applications and environments. The level of access users have to various resources depends on their assigned roles and permissions. For example, one user might have permission to manage API alerts, while another user has permission only to view API alerts.

When you sign into Anypoint Platform, the organization icon and name are displayed on the top right of the page. The master organization can contain multiple business groups. You can think of business groups as sub-organizations, or children of the master organization. Click the organization icon to navigate between business groups.

Organization Owner

The user who first signs up for an Anypoint Platform account is designated as the organization owner. This is not a role that is assigned, rather it is an identifier for this single user (creator of the Anypoint Platform account). The owner is assigned the Organization Administrators role by default.

Every business group created within the organization hierarchy thereafter must have an owner assigned. Only users with the Organization Administrators role can be assigned as owners of business groups. Any organization administrator can assign and change owners of business groups. There cannot be more than one owner at once for a business group. The Organization Administrators role cannot be removed from organization owners.

An Anypoint Platform user who has Organization Administrator privileges can perform the following types of tasks:

  • Invite users to an organization

  • Assign users to roles that define their permissions in the platform

  • Edit and remove users from an organization

  • Assign or change owners of business groups

  • Configure organization settings

  • View a client ID and client secret

  • Access analytics for the APIs in your organization

  • Create business groups to delegate management of the resources and define the scopes of roles and permissions

  • Configure additional properties at the business group level.

Organization Page

On the Organization page, you can:

  • View a hierarchical tree of all of the organizations you have permissions to view. You can view and edit properties of an organization by clicking the name.

  • Click the name of a group to view and edit its information. What you can view and edit depends on your role.

    Changing the name or domain name of an organization changes the deep links to any existing API Portals in your organization.
  • Add and delete business groups (if enabled).

Access the Organization page:

  1. Sign into your Anypoint Platform account as a user with the Organization Administrators role.

  2. Select the Access Management option from the main page, or click the menu button in the top left corner.

    anypoint platform nav menu

    The Organization page is displayed, where you can view organizations and business groups and add new business groups (if enabled).

You can also click Organization in the left menu to view the Organization page.

Client ID and Client Secret

Each master organization, environment, and business group within the master organization has its own associated unique client ID and client secret. These are used for authentication by users who are not organization administrators to access assets within an organization. The client ID and password are generated by Anypoint Platform for each environment you create, and they are globally unique.

To deploy proxies or APIs to CloudHub, you must use these values to configure a customer-hosted Mule Runtime or legacy API Gateway.

Organization-level client IDs and client secrets are supported only for backward compatibility. In newer Anypoint Platform accounts, use the client ID and client secret for an environment instead. See Environments.

View the Client ID and Secret for Organizations and Environments

  1. Sign into your Anypoint Platform account as a user with the Organization Administrators role.

  2. Select the Access Management option from the main page, or click the menu button in the top left corner and click Access Management in the left navigation.

  3. In the Access Management page, click Organization, or Environments in the left menu.

  4. Click the name of the organization or environment for which to view the client ID and secret.

  • For newer Anypoint Platform accounts, the client ID and secret apply to environments rather than organizations. See Environments.

  • To change the client ID or client secret of an organization, please contact your MuleSoft customer support representative.

Manage Master Organization Settings

Only users with the Organization Administrators role can manage these settings.

An organization administrator can modify the organization’s name, domain name, and session timeout for its users.

To access these settings:

  1. In Access Management, click Organization in the left menu, then click the organization name.

  2. Modify any of the following settings, then click Save changes.

    • Organization name: This can be anything, for example, the name of the company.

    • Domain name: Although multiple organizations can be created by different users using the same company name, each organization must have a unique domain name.

    • Owner: The identifier of the organization owner.

    • Default session timeout: Set the amount of time (in minutes) a user is inactive before they are automatically signed out of Anypoint Platform. The default is 60 minutes, the minimum is 15 minutes, and the maximum is 180 minutes.

organization 11dbd

You can also view the organization ID, client ID, and client secret. These values apply to the master organization and grant permissions for all of the business groups contained within.

Sharing Resources in an Organization

All API versions and CloudHub environments that you create in an organization are accessible only to users within the organization.

If you want to share resources with a user, you have to invite the user to join your organization, and the user must create a new account under the organization you sent the invitation from. See Inviting Users for more information.

Because the organization name (often the company name) is not necessarily unique, it is not sufficient for the invited user to create a new account and use the company name associated with the master organization. The domain name you set in the organization information is what distinguishes your organization from other organizations.

Invited users must use the link they receive in the invitation email to join your organization.

If your organization is configured to use an external federated identity system, you do not need to invite users, as they are authenticated by the external identity provider.

After a user joins your organization, they have access to the resources associated with the role(s) assigned to them. You can assign roles to grant users access to different resources within the organization. A best practice is to assign roles to the user at the time you invite them to join your organization so the roles are in effect when the user signs in for the first time. See Roles for more information.

If your organization contains business groups, you can give users access to multiple business groups by granting them roles within each group.