Contact Us 1-800-596-4880

Configuring Organization Credentials in Mule Runtime 4

Organization credentials provide a way to uniquely identify a specific environment, an organization, or a business group when linking Mule runtime engine (Mule) to an organization using Anypoint Platform. Credentials for environments, organizations, and business groups consist of two keys: the client ID and a client secret. Mule uses these credentials to connect to and access your organization.

The recommended way to link Mule to Anypoint API Manager (API Manager), is by using the environment client ID and secret. You may also use the organization client ID and secret, or even business group credentials if you want to track APIs defined in business groups linked to Mule or belonging to a parent business group linked to Mule.

When you use environment credentials, you can manage APIs that are specific to only that environment. If your APIs are in different environments of Anypoint Platform, you must specify instead the credentials of the organization that contains both environments.

You can also use parent organization credentials to manage child organization APIs. For example, if ACME is the parent organization and Logistics is a business group (child organization) within ACME, your API Administrator can track APIs created in Logistics using the credentials of either Logistics or of ACME.

You can identify client applications with client ID and secret. However, it is recommended that client application credentials not be used in place of organization credentials. Otherwise Mule is not linked correctly to the organization.

You can only successfully pair Mule to your organization if Mule is started using Anypoint Platform credentials that are already configured. If you provision an adapter with organization credentials, you can manage APIs on only that specific adapter of your organization.

Obtaining Credentials

Because you are required to provide credentials from time to time when using API Manager, you might need to obtain these credentials for various client applications. You can obtain environment and organization credentials using the procedures explained in this section.

To obtain environment credentials:

  1. Log in to Anypoint Platform as an administrator, and click Access Management.

  2. Click the Environments tab and click the name of your environment within your desired organization.

    environment api manager

Remember that environment credentials are only available in the post-crowd (November 2017) release version of the platform.

Obtaining Organization Credentials

To obtain organization credentials:

  1. Log in to Anypoint Platform as an administrator, and click Access Management.

  2. Click the Organization tab and click on the name of your organization or corresponding Business Group.

    orgid api manager

Configuring Credentials for Standalone Deployments

Automatic Runtime Manager Agent Setup Mechanism

If you are setting up a stand alone instance, and you would like to register the Runtime Manager agent:

  1. Log in to Anypoint Platform as an administrator, and click Runtime Manager.

  2. Click the Servers tab, then Add Server.

  3. Run the command you are prompted to run. This command looks similar to this:

    <MULE_HOME>/bin/./amc_setup -H bb123456-789c-1234-9fd3-58f4b5e2d82e---123 server-name

    Where MULE_HOME is a variable holding the root directory of the Mule installation. For example, /opt/Mule/mule-enterprise-standalone/.

Executing this command configures your runtime agent, and the automatically adds the correct organization credentials to your Mule with the correct organization credentials and URLs, so your Mule is linked to a specific organization.
After registering the agent, the wrapper.conf file is modified with the required data so configuration changes are made persistent.

Manual Configuration

If you are setting up an on premises instance to point to a specific organization, you need to add your credentials in the wrapper.conf file (persistent approach) or specifying the credentials data using the command line.

Using the Wrapper.conf File

The configuration file is placed in the <MULE_HOME>/conf directory, where MULE_HOME is a variable holding the root directory of the Mule installation.

  1. Navigate to your $MULE_HOME directory.

  2. Open the file located in /conf/wrapper.conf.

  3. Add your Anypoint Platform Organization credentials like shown below:

    wrapper.java.additional.<n>=-Danypoint.platform.client_id=XXXXXXXX
    wrapper.java.additional.<n>=-Danypoint.platform.client_secret=XXXXXXXX

    <n> must be a unique number, not used by any other entry in that file. We recommend you to use the next incremental value over the previous entries in the list.

    If two or more lines use the same <n> identifier, only the first value with that number is taken into account.

    If your organization is defined in the EU control plane, you need to define two additional keys:

    wrapper.java.additional.<n>=-Danypoint.platform.base_uri=https://eu1.anypoint.mulesoft.com
    wrapper.java.additional.<n>=-Danypoint.platform.analytics_base_uri=https://analytics-ingest.eu1.anypoint.mulesoft.com

Using the Command Line

You can pass your credentials at start up time by using the following arguments:

Mac OS X / Linux
MULE_HOME/bin/mule \
-M-Danypoint.platform.client_id=XXXXXXXX \
-M-Danypoint.platform.client_secret=XXXXXXXX
Windows
MULE_HOME\bin\mule.bat -M-Danypoint.platform.client_id=XXXXXXXX -M-Danypoint.platform.client_secret=XXXXXXXX

If your organization is defined in the EU control plane, you should define the base URLS by adding two additional keys:

Mac OS X / Linux
MULE_HOME/bin/mule \
-M-Danypoint.platform.client_id=XXXXXXXX \
-M-Danypoint.platform.client_secret=XXXXXXXX \
-M-Danypoint.platform.base_uri=https://eu1.anypoint.mulesoft.com \
-M-Danypoint.platform.analytics_base_uri=https://analytics-ingest.eu1.anypoint.mulesoft.com
Windows
MULE_HOME\bin\mule.bat -M-Danypoint.platform.client_id=XXXXXXXX -M-Danypoint.platform.client_secret=XXXXXXXX -M-Danypoint.platform.base_uri=https://eu1.anypoint.mulesoft.com -M-Danypoint.platform.analytics_base_uri=https://analytics-ingest.eu1.anypoint.mulesoft.com

The same applies if you are pointing at an organization defined in a Private Cloud Edition. You would need to provide the URLs for your Private Cloud Edition installation.

Configuring Credentials for Anypoint Studio 7

You can configure Studio 7 to work with your Anypoint Platform organization for testing connectivity and governance applied to endpoints.

  1. In Anypoint Studio, click Anypoint Studio from the top menu bar, and Preferences.

  2. Under Anypoint Studio, click API Manager

  3. Type in the client ID and secret under Environment Credentials:

    configure autodiscovert 4 studio

    If your organization is defined in the EU control plane, then you must also specify the base URL for that plane:

    api gateway enabling 0cbca

    The same applies if you are pointing at an organization defined in a Private Cloud Edition. You would need to provide the URLs for your Private Cloud Edition installation.

Configuring Credentials in Runtime Manager for your Deployed Application

Automatic Auto-generated Proxy Deploy Mechanism

You can deploy an auto-generated proxy from your API directly to Cloudhub.

  1. Log in to Anypoint Platform as an administrator, and click API Manager.

  2. From the list of available APIs, click the API version of the API from which you want to auto-generate a proxy.

  3. Click the Settings tab, and navigate to the Deployment Configuration.

  4. Configure your runtime version and your proxy application name, and click Deploy.

When you deploy a proxy using this mechanism, the system automatically configures the organization credentials (and URLs, if applicable) for you. You may take a look at them in Runtime Manager → <Application Name> → Settings → Properties.

Manual Configuration

  1. Navigate to Runtime Manager in Anypoint Platform.

  2. Access the Properties section of the deployed application. If the application is being deployed for the first time, the Properties section will appear during the deployment configuration.

  3. In the Properties section, add the following properties:

    anypoint.platform.client_id=XXXXXXXX
    anypoint.platform.client_secret=XXXXXXXX

    If your organization is defined in the EU control plane or using a Mule Private Cloud Edition, you should define the base URLS by adding two additional keys:

    anypoint.platform.client_id=XXXXXXXX
    anypoint.platform.client_secret=XXXXXXXX
    anypoint.platform.base_uri=https://eu1.anypoint.mulesoft.com
    anypoint.platform.analytics_base_uri=https://analytics-ingest.eu1.anypoint.mulesoft.com

    The same applies if you are pointing at an organization defined in a Private Cloud Edition. You would need to provide the URLs for your Private Cloud Edition installation.