Mule OAuth 2.0 Client Store Configuration
Mule OAuth 2.0 Client Store allows the Mule OAuth 2.0 Provider to use Anypoint Client Applications for token generation.
This feature is available for Mule 4.2.0 and later.
The Mule runtime engine hosting the Mule OAuth 2.0 Provider must meet two requirements:
It must be licensed to run an API Gateway.
See Install Enterprise License for more information.
It must have configured Anypoint platform credentials.
Follow the Configuring Organization Credentials in Mule Runtime 4 for more information.
The Object Store has two configurable properties:
||Defines whether the caching mechanism should persist locally. The default value is
Represents how many days each Client Application should be cached by the OAuth Server. This value can be any positive floating point number. The default value is
To set the Mule OAuth Client Store in your OAuth Provider, use the following Object Store in the
clientStore parameter of the
... <mule xmlns:os="http://www.mulesoft.org/schema/mule/os" xmlns:agw-client-store="http://www.mulesoft.org/schema/mule/agw-client-store" xsi:schemaLocation=" http://www.mulesoft.org/schema/mule/agw-client-store http://www.mulesoft.org/schema/mule/agw-client-store/current/mule-agw-client-store.xsd http://www.mulesoft.org/schema/mule/os http://www.mulesoft.org/schema/mule/os/current/mule-os.xsd"> <os:config name="agwConfig"> <agw-client-store:connection/> </os:config> <os:object-store name="clientObjectStore" config-ref="agwConfig"/> ...
Remember that the following dependency must be added to the project, and that the application min Mule version must be 4.2.0 or higher.
... <dependency> <groupId>com.mulesoft.anypoint</groupId> <artifactId>api-gateway-oauth2-client-store</artifactId> <version>1.0.0</version> <classifier>mule-plugin</classifier> </dependency> ...
To prevent downtime of the Mule OAuth 2.0 provider due to errors when connecting to the platform, the Mule OAuth Client Store caches each valid Client Application for which a token is requested. If the Mule OAuth 2.0 provider requests a new token while there is no connection, the OAuth 2.0 Client Store fallbacks to the cache. The expiration of its entries has a default of 30 days. Additionally, you can configure this range, and even set it to persist the cache locally to ensure service availability in case of a restart or lack of connection to the platform. In case a Client Application for which a token already exists in the Client Store is removed from Anypoint Platform, on the next token request, the Client Store will remove the Client from the cache, mirroring the platform status.