Contact Free trial Login

Expose Tokenization as a Service Directly to Mule Applications

If a lot of complex data processing needs to take place before traffic gets to the tokenization/de-tokenization service, it makes sense to set up a Mule app to which Edge can route the traffic. In this scenario, the Mule app processes the data and sends the traffic to the tokenization service.

If you don’t need the Mule app to do any data processing, it can also do nothing other than expose the tokenization service as a pass-through.

Because the tokenization service accepts only TLS traffic, you must enable TLS for the Mule HTTP outbound connection, and enable Las-tMile security when deploying the Mule app to Runtime Fabric so the edge-to-Mule-app connection uses TLS.

Create an API from the Tokenization RAML

Once you have the information you need to set up a routable tokenization service using an API Gateway, create an API from the tokenization RAML.

  1. Go to the public Anypoint Platform developer portal, and search for "Tokenization API."

  2. Select Download > As RAML. The RAML is downloaded as a ZIP file.

  3. Go to your Exchange portal, and click New asset.

  4. Set the Name as Tokenization API and the Type as REST API - RAML.

  5. Select the ZIP file you downloaded, and click Publish.

  6. In Studio or Design Center, create an HTTP outbound connection based on the Tokenization API RAML.
    The tokenization service in Runtime Fabric listens on port 3443 and is available through HTTPS only.
    The hostname portion for the outbound URL is formed by taking the service name + -tokenizer. For example, if the tokenization service name is “mytoken1”, the outbound URL is: https://mytoken1-­tokenizer:3443.

  7. Use a Dataweave transform step before the HTTP outbound connection to convert your input data into the TokenizationServiceRequest data type defined in the Tokenization API RAML.
    The request is an array of items, and a single example is: {"format" : "ssnonly", "data" : "333-33-3333"}. The value of format matches a tokenization format that is defined on the service. The data value is what to tokenize or detokenize.

    The array should be 100 items long at most. If it is any longer than 100 items, break it up into multiple requests to the tokenization service.
  8. Set the HTTP Listener in the Mule application to HTTPS.

  9. Export the Mule app.

  10. In Runtime Manager, deploy the application to Runtime Fabric.

    You must select the Last mile security checkbox to enable TLS between the edge and the Mule app.
  11. (Optional) For improved security and protection of the Mule app, you should add some method of authentication.

Configure TLS

This is an example of how to configure TLS for Mule apps in Studio 7.3.

  1. Go to Anypoint Studio, and open the project for your Mule app.

    tokenization example import api gateway studio
  2. Go to src/main/resources and add the keystore. In this example the keystore is named tester.jks.

    tokenization example keystore
  3. Add TLS to the listener side so you can later enable the Last Mile Security flag. To do this, first set the HTTPS flag.

    tokenization example set https flag
  4. Click the TLS tab to set the keystore information, then select the following:

    • From the TLS Configuration drop-down, select Edit inline.

    • In Trust Store Configuration, check the Insecure box.

    • In Key Store Configuration, enter the information for your keystore, and click OK.
      In this example the trust store side is set to insecure and the keystore, alias, and password information has been added.

      tokenization example set keystore info
  5. Edit the settings for the HTTP endpoint to enable TLS on the HTTP connection from Mule to the tokenization service.

    tokenization example configure TLS
  6. Save the application and export it.

  7. In Anypoint Platform, go to Runtime Manager, and click Deploy Application.

  8. In the Deploy Application page:

    1. Enter an Application Name.

    2. From the Deployment Target drop-down, select the Runtime Fabric to which to deploy the app.

    3. Click Choose file to upload the application you exported.

    4. Select the Runtime version for the Mule the app will run on, and configure your Replicas and Resource Allocation.

    5. Click the Ingress tab, and select Enable Last­Mile Security option.

  9. Click Deploy Application.

Was this article helpful?

💙 Thanks for your feedback!

Edit on GitHub