REST API: Object Store v2

Anypoint Object Store v2 (OSv2) provides a REST API that lets you get and store key,list values.

An object store works with a single application to temporarily store application data. To authenticate access, you need the client ID and client secret for the application, which Object Store displays in the Runtime Manager in Anypoint Platform.

Data can be stored for up to 30 days in an object store.

About Object Store v2 Operations

The ObjectStore connector reads and writes in the key/value format; whereas OSv2 API reads and writes key/lists values.

Note: If an application writes to an object store using the REST interface and reads with the Mule 3 object store connector from the same key, the read can only retrieve the value at element 0 of the list. Therefore, when using the REST API, only use the API for writing and reading content from the Object Store. Alternatively, you can use the API to only write to index 0. This limitation does not apply to the Mule 4 and Anypoint Studio object store connector.

The following table compares the Object Store REST API operations to Object Store connector operations:

OSv2 API OSv2 REST API Operations ObjectStore Connector Operation


  • Object Store:

    • TTL for the object store - by default the TTL is 1,209,600 seconds (14 days). The MAX TTL is 2,592,000 seconds (30 days).

    • Persistence property

    • Usage limits for each application or environment, includes options for limiting based on keys or size and how to enforce them.

  • Key and list (item) value



  • Get keys

  • Get item

  • Get items

  • Get all items

  • Get regions for an organization

Contains + Retrieve + Retrieve all keys + Retrieve and store (Retrieve part)


  • Put item as String

  • Put item as Number

  • Put item as confirmable String

  • Put store

Dual store + Store


  • Remove object store

  • Delete key

  • Delete item


The Dual Store operation in the Object Store connector consists of these two operations where the key and value are stored and then the values reversed. The Dual Store operation acts the same as two OSv2 Put item as String calls to accomplish these results:

  1., value);

  2., key);

About the Object Store v2 APIs Workflow

Before deploying an object store application, log into Anypoint Platform > Runtime Manager to reduce the number of allowed workers so that you can add a new application.

Accessing the Object Store 2 API works as follows:

  • Deploy an Application

  • Access the REST API

  • View the App Client ID and Secret

To Deploy an Application

  1. Log into Anypoint Platform.

  2. Click Runtime Manager.

  3. If you have an existing application, click it and click Manage Application.

    If this is your first use, create an application in Anypoint Studio. When done developing, right-click the project name in Package Explorer and click Anypoint Platform > Deploy to Cloud.

  4. In the Runtime Manager Deploying Application menu:

    1. If the application name has a red X, change the name so that the green check mark appears after the name.

      The application name you choose becomes the name users access your application with. For example, if you name your application, mydemo, users can access your application at

    2. Ignore the Deployment Target and Application File fields - Anypoint Studio fills in this information for you.

    3. If needed, change the Mule Runtime version field from the drop-down list.

    4. If needed, change the Worker size field.

    5. Click Deploy Application.

To Access the REST API

Set up an application like Postman to access the object store. Obtain the access_token value:

  1. Configure the object store access URL to:

  2. Configure the application with HTTP headers and body for values to store to or read from the object store.

  3. Send the operation to the object store API.

To View the App Client ID and Secret

If you are the organization administrator for your Anypoint Platform account, you can view the client ID and client secret for an app from the Object Store menu.

The client ID and secret are required to authenticate an application for use with the Object Store v2 REST API.

  1. Log into Anypoint Platform > Runtime Manager.

  2. Click an application that has Object Store access and click Manage Application. The app can be running or undeployed.

  3. If the app is not yet associated with Object Store V2, click the checkbox and apply changes.

  4. Click the Object Store menu in the left navigation area, click Show Client Credentials.

  5. Click the Copy to Clipboard icon, and paste the client ID or secret value into your curl application that you use to authenticate the REST API.

Example: Retrieve a List of Object Stores

The following procedures assume you have already created an application and given it access to Object Store v2.

Note: Get the Client ID and Secret as described in To View the App Client ID and Secret.

Get the Bearer ID

Submit this POST command to get an access token with the bearer ID:

curl -X post \
> \
>   -H 'Content-Type: application/x-www-form-urlencoded' \
>   -d 'client_id=CLIENT_ID&client_secret=CLIENT_SECRET&grant_type=client_credentials'

The response is similar to:


Get Environment and Organization IDs

In Access Management > Environments, click the environment where the application resides. Copy the environment ID from the URL, for example:

In Access Management > Organization, copy your Organization ID.

View List of Object Stores

Submit this command replacing BEARER_ID with your bearer ID, ORG_ID with your organization ID, and ENV_ID with your environment ID.

curl -X GET \
> -H 'authorization: bearer BEARER_ID' \
> ''

The output has values similar to: