-----BEGIN CERTIFICATE----- PUBLIC KEY -----END CERTIFICATE-----
Guided Setup
Use the guided setup to setup API Community Manager.
If you have multiple identity providers in your organization, follow the instructions in Manual Setup.
Prerequisites
To set up API Community Manager with guided setup, complete the prerequisite steps and then follow these steps.
Open Guided Setup
From the Anypoint API Community Manager control panel, open the Salesforce App Launcher and search for API Community Manager Guided Setup.
Connect with Your Anypoint Organization
To connect your API Community Manager instance to your Anypoint organization:
-
Select your organization’s Anypoint management plane, which may be the US control plane, the EU control plane, the MuleSoft Government Cloud control plane, or another control plane.
-
If your Anypoint Platform user has organization administrator credentials:
-
If your user has multi-factor authentication enabled, open Access Management > Users > your user’s page > Settings and enable Exempt from MFA requirement.
-
Select I have organization administrator credentials and enter your Anypoint Platform username and password.
The system creates a certificate named
Anypoint
in Salesforce, creates a connected app in Anypoint Platform using the certificate, creates a named credential in Salesforce using the client ID from the Anypoint Platform connected app and the identity provider information, configures the external data source, and grants Exchange contributor permissions to the impersonated user from the Salesforce administrator.
-
-
If your Anypoint Platform user account does not have organization administrator credentials:
-
Ask your organization administrator to use the following steps to create a connected app and give you the Client ID and IDP ID.
-
Select I don’t have organization administrator credentials and enter the Client ID and IDP ID from your organization administrator.
-
Create a Connected App
To create a connected app if you are an organization administrator:
-
In Salesforce, create a key pair for communication between Salesforce and Anypoint Platform:
-
Click Setup > Security > Certificate and Key Management > Create Self-Signed Certificate.
-
Set Label/Name to
Anypoint
. -
Disable Exportable Private Key.
-
Set Key Size to 2048 or larger.
-
Click Save.
-
Click Download Certificate to save the public key from the key pair to your local machine.
-
-
Click Access Management > Connected Apps > Create App.
-
Enter a name for the app.
-
Enable App acts on behalf of a user.
-
In the section Grant types, enable JWT Bearer.
-
Copy the public key from the downloaded file and paste it into the public key text area.
-
Verify that the public key certificate has this format:
-
Set Website URL to
https://login.salesforce.com
. -
In the section Redirect URIs, add
http://localhost
.Each connected app requires one or more redirect URIs, but this configuration does not use them.
-
In the section Who can use this application?, select Members of this organization only.
-
In the section Scopes, add Background Access and Full Access.
-
Click Save.
-
Copy the client ID.
Do not copy the client secret, because this configuration uses the certificate instead.
-
To find the identity provider ID, run this request:
curl --location --request GET 'https://anypoint.mulesoft.com/accounts/api/organizations/<YOUR_ORG_ID>/identityProviders' \ --header 'Authorization: Bearer <TOKEN>'
Replace
<YOUR_ORG_ID>
with your organization ID and replace<TOKEN>
with your token.In the response, find the line with the
provider_id
:"provider_id": "01234567-89ab-cdef-0123-456789abcdef",
-
Copy this identity provider ID to use as the IDP ID.
Configure Users
Give your user the Exchange contributor permission:
-
In your Anypoint Platform organization, click Access Management > Users.
-
Select your user.
-
Click Permissions > Add permissions.
-
Ensure that your user has the permission Exchange Contributor in each business group.
Give community users the Exchange viewer permission:
-
Ensure that you have Exchange Administrator permissions.
-
In your Anypoint Platform organization, navigate to Access Management and click Teams.
-
Create a new team named Community Users.
-
Click Settings.
-
Set the parent team to everyone in the organization.
-
In External IdP Groups, set Group Name to Community User and set Type to Member.
-
Click Permissions > Add permissions and add the permission Exchange Viewer.
When prompted, select all business groups with any assets that you want community users to be able to view.
Set Profile Permissions
After the connection with your Anypoint organization is established, click Continue to open the API Community Manager diagnostics tool, review your installation, and update the guest user and member user permissions. After the installation and permissions are verified, create your first community.