Guided Setup

From the Anypoint API Community Manager control panel, open the Salesforce App Launcher and search for API Community Manager Guided Setup.

These steps require a configured identity provider. For more information about configuring an identity provider, see the installation prerequisites. Using OpenID Connect as your identity provider requires using the manual setup.

Configure a Custom Subdomain

API Community Manager uses a custom subdomain to connect securely to your Anypoint organization.

This section of the guided setup helps you configure your subdomain, or displays the subdomain you have already configured.

Connect with Your Anypoint Organization

To connect your API Community Manager instance to your Anypoint organization:

  1. Select your organization’s Anypoint management plane, which may be the US control plane, the EU control plane, the MuleSoft Government Cloud control plane, or another control plane.

  2. Create a connected app in your Anypoint organization for Salesforce to use as a consumer system.

    If your Anypoint account has the organization administrator role, the guided setup tool can create the connected app for you.

    Otherwise, ask an organization administrator to create the connected app for you, or perform these steps:

    1. Create a key pair in Salesforce for communication between Salesforce and Anypoint Platform:

      1. Click Setup > Security > Certificate and Key Management > Create Self-Signed Certificate.

      2. Set Label/Name to Anypoint.

      3. Disable Exportable Private Key.

      4. Set Key Size to 2048 or larger.

      5. Click Save.

      6. Click Download Certificate to save the public key on your local machine.

    2. Click Access Management > Connected Apps > Create App.

    3. Enter a name for the app.

    4. Enable App acts on behalf of a user.

    5. In the section Grant types, enable JWT Bearer.

    6. Copy the public key from the downloaded file and paste it into the public key text area.

    7. Verify that the public key certificate has this format:

      -----BEGIN CERTIFICATE-----
      PUBLIC KEY
      -----END CERTIFICATE-----
    8. Set Website URL to https://login.salesforce.com.

    9. In the section Redirect URIs, add http://localhost, because connected apps require redirect URIs but this configuration does not use them.

    10. In the section Who can use this application?, select Members of this organization only.

    11. In the section Scopes, add Background Access and Full Access.

    12. Click Save.

    13. Copy the client ID.

    14. Do not copy the client secret, because this configuration uses the certificate instead.

  3. Authenticate and authorize the connected app to access your Anypoint organization.

    If your Anypoint account has the organization administrator role, provide your Anypoint Platform user and password, and the guided setup will create the app.

    Otherwise, provide these app details:

    1. Set Client ID to the client ID from the connected app you created.

    2. To find the identity provider ID, run this request:

      curl --location --request GET 'https://anypoint.mulesoft.com/accounts/api/organizations/<YOUR_ORG_ID>/provider/users' \
      --header 'Authorization: Bearer <TOKEN>'

      Replace <YOUR_ORG_ID> with your organization ID and replace <TOKEN> with your token.

      In the response, find the line with the provider_id:

      "provider_id": "01234567-89ab-cdef-0123-456789abcdef",
    3. Set IDP ID to this identity provider ID.

    4. Click Connect to authenticate and authorize the app to connect the API Community Manager organization with your Anypoint organization.

Configure Users

Give your user the Exchange contributor permission:

  1. In your Anypoint Platform organization, click Access Management > Users.

  2. Select your user.

  3. Click Permissions > Add permissions.

  4. Ensure that your user has the permission Exchange Contributor in each business group.

Give community users the Exchange viewer permission:

  1. Ensure that you have Exchange Administrator permissions.

  2. In your Anypoint Platform organization, navigate to Access Management and click Teams.

  3. Create a new team named Community Users.

  4. Click Settings.

  5. Set the parent team to everyone in the organization.

  6. In External IdP Groups, set Group Name to Community User and set Type to Member.

  7. Click Permissions > Add permissions and add the permission Exchange Viewer.

    When prompted, select all business groups with any assets that you want community users to be able to view.

Set Profile Permissions

After the connection with your Anypoint organization is established, click Continue to open the API Community Manager diagnostics tool, review your installation, and update the guest user and member user permissions. After the installation and permissions are verified, create your first community.

Was this article helpful?

💙 Thanks for your feedback!

Edit on GitHub