+

MuleSoft Composer: Getting Started

Check that you meet the listed requirements before you set up Composer. Then you can set up and begin using Composer.

Requirements and Restrictions

  • The maximum number of concurrent users supported by an organization is 25.

  • You must purchase a MuleSoft Composer license, which is sold separately from the Anypoint Platform license.

  • If your company network has a stringent firewall or list of blocked IP addresses, your network administrator must add *.mulesoft.com to the list of allowed addresses.

    IP addresses used by Composer are dynamic; therefore, MuleSoft can’t provide a list of IP addresses.

  • You must relax any IP restrictions for the connections that you create to data sources and data targets as detailed in the Composer setup instructions.

  • Composer does not currently support mobile platforms.

Browser requirements:

  • Don’t use incognito mode or private browsers to access Composer.

  • If you use Firefox or Chrome, allow third-party cookies.

  • When you connect to another system, follow the requirements and restrictions applicable to that connection.

  • Composer fields with date values use the format YYYY-MM-DDThh:mmZ.

Set Up Composer

After you purchase MuleSoft Composer, it automatically creates a MuleSoft Composer org for you and sends a welcome email so that you can access MuleSoft Composer for the first time.

After you successfully connect, you then invite users to access that MuleSoft Composer org.

Access MuleSoft Composer as for the First Time:

As your organization’s primary administrator, follow these steps to initiate your MuleSoft Composer org:

  1. Log in to your email account, find the welcome email from MuleSoft Composer, and then click Accept invitation.

  2. In the Create account form, complete the required fields, including a password of at least eight characters that contains at least one uppercase letter, one lowercase letter, and one number.

  3. Click Create account.

  4. Log in to MuleSoft Composer using the username and password you just created.

  5. In Register a Verification Method, select a verification method, follow the steps to set up your multi-factor authentication, and then click Connect.
    The MuleSoft Composer overview page appears.

Invite Users to Access MuleSoft Composer

After you access your MuleSoft Composer org using administrator credentials, you then invite your organization’s users to your new MuleSoft Composer account:

  1. In the MuleSoft Composer sidebar, click Settings and then click Users.

  2. On the Users page, click Add Users.

  3. In the Invite New Users window, enter the email addresses of the users you want to invite, separating the names by using commas.

  4. Select the permissions that you want to apply to that group of users and then click Invite.

    The following permissions are available:

    • Builder: Enables all users in the group to create and manage flows.

    • Administrator: Enables all users in the group to invite and manage users in addition to creating and managing flows.

      The invited users receive the MuleSoft Composer welcome email.

Monitor Pending Unaccepted Invitations

After inviting users, you can monitor each pending invitation that has not yet been accepted.

To monitor a pending invitation:

  1. In the MuleSoft Composer sidebar, click Settings and then click Users.

  2. On the Users page, elect the Pending Invitations tab.
    Information about the users' invitations appear. In the menu:

    1. Click the options icon to the right of the user invitation that you want to monitor.

    2. If the invitation to that user is older than 14 days and is about to expire, if you want to resend it, click Resend Invite.

    3. If you want to revoke the invitation to that user, click Revoke Invite.

Admin: Manage Users

As administrator, you are responsible for managing your MuleSoft Composer users to meet your organization’s business needs. The following user management tasks are available:

  • Change user roles

  • Reset user passwords

  • Reset user multi-factor authentication (MFA) methods

  • Delete users

Change User Roles

To change a user’s role:

  1. In the MuleSoft Composer sidebar, click Settings and then click Users.

  2. On the Users page, next to the user’s email address, click the options icon and then click Manage.
    The user’s page appears.

  3. Select the Permissions tab.

  4. Select the permission setting for the user and then click Save.

Reset User Passwords

To reset a user’s password:

  1. In the MuleSoft Composer sidebar, click Settings and then click Users.

  2. On the Users page, next to the user’s email address, click the options icon, and then click Reset Password.
    An email is sent to the user with instructions for resetting their MuleSoft Composer MFA settings.

Reset User Multi-factor Authentication (MFA) Methods

To reset a user’s MFA method:

  1. In the MuleSoft Composer sidebar, click Settings and then click Users.

  2. On the Users page, next to the user’s email address, click the options icon, and then click Reset Multi-factor Auth.
    An email is sent to the user with instructions for resetting their MuleSoft Composer password.

Delete Users

To delete a user:

  1. In the MuleSoft Composer sidebar, click Settings and then click Users.

  2. On the Users page, next to the user’s email address, click the options icon, and then click Delete.
    A message appears, warning you that deleting a user cannot be undone.

  3. Click Delete.

Enable Multiple Identification Providers (IDP)

As an administrator, you can enable users to add identity providers (IDPs) for their organization. Note that:

  • If an IDP user is deleted from MuleSoft Composer and that user subsequently logs in to MuleSoft Composer using the IDP, the user profile is restored in the Disabled state. To allow the user to authenticate again, an toggle the state to Enabled.

  • You cannot disable the creation of new users via the Users page.

  • Deleting an IDP user does not stop the flows activated by that user.

  • When MuleSoft Composer is dynamically registered as an OpenID Connect SSO provider in Okta, MuleSoft Composer is named “Anypoint Platform” in Okta.

For more information on identity management in MuleSoft, see the Access Management documentation.

To enable OpenID Connect (OIDC) IDP:

  1. In the MuleSoft Composer sidebar, click Settings and then click Multiple IDP.

  2. On the Identity Provider page, click Add Identity Provider > OpenID Connect.

  3. In the New Identity Provider page, complete the required fields:

    • Name: The nickname for this IDP.

    • Client Registration URL: The URL to dynamically register client applications for your identity provider. This field appears when you select Dynamic Registration.

    • Authentication Header: The header that provides credentials to authenticate a server. This header is required if the provider restricts registration requests to authorized clients. This field appears when you select Dynamic Registration.

    • Client ID: The unique identifier that you provided for your manually created client application. This field appears when you select Manual Registration.

    • Client Secret: The password, or secret, for authenticating your MuleSoft Composer organization with your Identity Provider. This field appears when Manual Registration is selected.

    • OpenID Connect Issuer: The location of the OpenID Provider. For most providers, .well-known/openid-configuration is appended to the issuer to generate the metadata URL for OpenID Connect specifications. If your OpenID Provider is Salesforce, then you must provide the value for issuer.

    • Authorize URL: The URL where the user authenticates and grants OpenID Connect client applications access to the user’s identity.

    • Token URL: The URL that provides the user’s identity encoded in a secure JSON Web Token.

    • User Info URL: The URL that returns user profile information to the client app.

  4. Optionally, expand Advanced Settings, and provide the following values:

    • Group Scope: The OIDC scope to request the group claim.

    • Group Attribute JSON Data Expression: The JSONata expression used to select the groups from the user information or ID token. The result must be an array of strings.

    • Disable server certificate validation checkbox: Select to disable server certificate validation if your OpenID client management instance presents a self-signed certificate or one signed by an internal certificate authority.

  5. Click Save.

  6. Log out of MuleSoft Composer, navigate to the sign-on URL you entered in the New Identity Provider page, and then log in through your identity provider to test the configuration.

To enable SAML 2.0 IDP:

Note that the file-based configuration of a SAML 2.0 is not supported.

  1. In the MuleSoft Composer sidebar, click Settings and then click Multiple IDP.

  2. On the Identity Provider page, click Add Identity Provider > SAML 2.0.

  3. In the New Identity Provider page, complete the required fields:

    • Name: Enter a nickname for this IDP.

    • Sign On URL: The redirect URL provided by the IDP for sign in. For example, https://example.com/sso/saml.

    • Sign Off URL: The URL to redirect sign-out requests, so users both sign out of MuleSoft Composer and have their SAML user’s status set to signed out.

    • Issuer: The ID of the identity provider instance that sends SAML assertions.

    • Public Key: The Public key provided by the identity provider, which is used to sign the SAML assertion. It is the X509Certificate value in the SAML response.

    • Audience: An arbitrary string value that identifies your MuleSoft Composer organization. The typical value for this string is <organizationDomain>.composer.mulesoft.com.

    • Single Sign On Initiation: Specify whether SSO can be initiated by MuleSoft Composer, your identity provider (for example, Okta), or both.

      • The Service Provider Only option allows only MuleSoft Composer to initiate SSO.

      • The Identity Provider Only option allows only your external identity provider to initiate SSO.

      • The Both option allows either MuleSoft Composer or your external identity provider to initiate SSO.
        The default value for this setting for newly configured identity provider configurations is Both.

  4. Optionally, expand Advanced Settings, and provide the following values:

    • Username Attribute: Field name in the SAML AttributeStatements that maps to the user’s name. If no value is configured, the NameID attribute of the SAML Subject is used (Note: This is outside the SAML AttributeStatements).

    • First Name Attribute: Field name in the SAML AttributeStatements that maps to First Name.

    • Last Name Attribute: Field name in the SAML AttributeStatements that maps to Last Name.

    • Email Attribute: Field name in the SAML AttributeStatements that maps to Email.

    • Group Attribute: Field name in the SAML AttributeStatements that maps to Group.

    • Require encrypted SAMl assertions checkbox: If enabled, the SAML assertions sent from the IDP must be encrypted and follow the guidelines mentioned in the prerequisites.

  5. Click Save.

  6. Log out of MuleSoft Composer, navigate to the sign-on URL you entered in the New Identity Provider page, and then log in through your identity provider to test the configuration.

Enable Flow Failure Notifications

As administrator, you can enable flow failure notifications via email. When enabled, checks run every 15 minutes on running flows. If any flow fails, Composer sends an email to the owner of the flow. Note that:

  • A maximum of four consecutive emails are sent for the same error.

  • The error log for the flow resets every 24 hours.

  • The error log only runs while the flow runs.

To enable email notifications:

  1. In the Composer sidebar, click Settings and then click Email notifications.

  2. Toggle the button to enable email notifications.

  3. Click Save.

Connect Composer to Anypoint Platform

Organizations that use both MuleSoft Composer and Anypoint Platform can connect the two products.

To link Composer to Anypoint Platform:

  1. In MuleSoft Composer, in the navigation pane, click Settings > Account.
    The Account page appears.

  2. On the Account page, copy the value in the Organization ID field.

  3. Log in to the Anypoint Platform organization that you want to connect to MuleSoft Composer.
    The Anypoint Platform page appears.

  4. In the navigation pane, click Access Management.
    The Access Management page appears.

  5. In the Access Management page, in the navigation pane, click Composer Sync.
    The Add Composer Organization window appears.

  6. In the Add Composer Organization window, in the Organization ID field, paste the Organization ID that you copied from the Account page of MuleSoft Composer and then click Add.

  7. Open MuleSoft Composer and refresh the page.

  8. In MuleSoft Composer, in the navigation pane, click Settings > Account.
    The Account page appears, displaying a linking request from Anypoint Platform.

  9. Click Review and Confirm.

  10. In the Access Token section, click Authenticate in Anypoint.
    The Anypoint Platform login page appears.

  11. Log in to Anypoint Platform.

  12. In the Client App section, click Create Client App.
    The Composer organization is now linked to the Anypoint organization.

API Sharing

MuleSoft Anypoint Platform customers can share externally available APIs managed in Anypoint Platform with business users for consumption in a MuleSoft Composer flow.

Before sharing APIs from Anypoint Platform to MuleSoft Composer, ensure that:

  • Your organization uses Anypoint Platform for API Management.

  • Your organization has Rest APIs managed by API Manager that conform to the following:

    • The API specifications use either RAML or OpenAPI.

    • The API uses basic authentication, bearer token, or API Key in conjunction with a Client ID and Secret.

  • Composer organizations are linked to Anypoint organizations.

  • The API must be accessible from the public internet.

For more information on how to connect externally available APIs, refer to Rest Consumer Connector.

Share an API Instance with Composer

If you manage your APIs with Anypoint API Manager, you can share those APIs with MuleSoft Composer.

To share an API Instance with MuleSoft Composer:

  1. Create an API Instance in Anypoint Platform.

  2. In Anypoint Platform, in the navigation pane, click Exchange.

  3. In the list, find the API instance that you want to share, click Request access, and then click the Client App that was created by MuleSoft Composer.
    The Request access window appears.

  4. In the Request access window, click Request access.

  5. Open MuleSoft Composer and then open the flow to ensure that the shared API appears in the Shared Apps section of the canvas.

Disconnect Composer Connection to Anypoint Platform

You can disconnect your connection from MuleSoft Composer to Anypoint Platform; however, removing this connection does not delete existing configurations.

To disconnect your MuleSoft Composer connection to Anypoint Platform:

  1. Log in to the Anypoint Platform organization containing the connection to MuleSoft Composer that you want to disconnect.
    The Anypoint Platform page appears.

  2. In the navigation pane, click Access Management.
    The Access Management page appears.

  3. In the navigation pane, click Connected Apps.
    The Connected Apps page appears.

  4. In the Owned Apps tab, next to Composer API Sharing, click the options button, and then click Delete.
    MuleSoft Composer is now disconnected from Anypoint Platform.

Was this article helpful? Thanks for your feedback!
View on GitHub