Contact Free trial Login

REST API: Object Store v2

Anypoint Object Store v2 (Object Store v2) provides a REST API that enables you to get and store key-value pairs.

An object store works with a single application to temporarily store application data. To authenticate access, you need the client ID and client secret for the application, which Object Store displays in the Runtime Manager in Anypoint Platform. See View the App Client ID and Secret.

The maximum number of keys you can obtain in each GET operation is 25.

Object Store v2 Operations

The Object Store connector reads and writes in the key,value format; whereas Object Store v2 API reads and writes key,list values.

If an application writes to an object store using the REST interface and reads with the Mule 3 object store connector from the same key, the read can only retrieve the value at element 0 of the list. Therefore, when using the REST API, only use the API for writing and reading content from the Object Store. Alternatively, you can use the API to only write to index 0. This limitation does not apply to the Mule 4 and Anypoint Studio object store connector.

The following table compares the Object Store REST API operations to Object Store connector operations:

Object Store v2 API Object Store v2 REST API Operations ObjectStore Connector Operation


  • Object Store:

    • TTL in seconds for the object store - by default the TTL is 2,592,000 seconds (30 days). See How long can data persist in Object Store v2?

    • Persistence property.

    • Usage limits for each application or environment, includes options for limiting based on keys or size and how to enforce them.

  • Key and list (item) value.



  • Get keys

  • Get item

  • Get items

  • Get all items

  • Get regions for an organization

Contains + Retrieve + Retrieve all keys + Retrieve and store (Retrieve part)


  • Put item as String

  • Put item as Number

  • Put item as confirmable String

  • Put store

Dual store + Store


  • Remove object store

  • Delete key

  • Delete item


The Dual Store operation in the Object Store connector consists of two operations where the key and value are stored and then the values reversed. The Dual Store operation acts the same as two Object Store v2 "Put item as String" calls to accomplish these results:

  1., value);

  2., key);

Object Store v2 APIs Workflow

Before deploying an object store application, log into Anypoint Platform and use Anypoint Runtime Manager (Runtime Manager) to reduce the number of allowed workers so that you can add a new application.

Accessing the Object Store v2 API works as follows:

  • Deploy an Application

  • Access the REST API

  • View the App Client ID and Secret

Deploy an Application

  1. Log into Anypoint Platform.

  2. Click Runtime Manager.

  3. If you have an existing application, click it and click Manage Application.

    If this is your first use, create an application in Anypoint Studio. When done developing, right-click the project name in Package Explorer and click Anypoint Platform > Deploy to Cloud.

  4. In the Runtime Manager Deploying Application menu:

    1. If the application name has a red X, change the name so that the green check mark appears after the name.

      The application name you choose becomes the name users access your application with. For example, if you name your application mydemo, users can access your application at

    2. Ignore the Deployment Target and Application File fields. Anypoint Studio fills in this information for you.

    3. If needed, change the Mule Runtime engine version field from the drop-down list.

    4. If needed, change the worker size field.

    5. Click Deploy Application.

Access the REST API

Set up an application like Postman to access the object store. Obtain the access_token value:

  1. Configure the object store access URL to:


    For values to use for osBaseUrl, see the following table.

  2. Configure the application with HTTP headers and body for values to store to or read from the object store.

  3. Send the operation to the object store API.

You can use the following domains for the value of osBaseUrl in the access URL:

Control Plane Domain



View the App Client ID and Secret

If you are the organization administrator for your Anypoint Platform account, you can view the client ID and client secret for an app from the Object Store menu.

The client ID and secret are required to authenticate an application for use with the Object Store v2 REST API.

  1. Log into Anypoint Platform > Runtime Manager.

  2. Click an application that has Object Store access and click Manage Application. The app can be running or undeployed.

  3. If the app is not yet associated with Object Store v2, click the checkbox and apply changes.

  4. Click the Object Store menu in the left navigation area, then click Show Client Credentials.

  5. Click the Copy to Clipboard icon, and paste the client ID or secret value into your curl application that you use to authenticate the REST API.

View the Bearer Token

After you have the client ID and secret for your application, you can get the bearer ID using a curl command:

curl -X POST \ \
  -H 'Content-Type: application/x-www-form-urlencoded' \
  -d 'client_id=CLIENT_ID_VALUE&client_secret=CLIENT_SECRET_VALUE&grant_type=client_credentials'

Substitute CLIENT_ID_VALUE and CLIENT_SECRET_VALUE for the Client ID and secret.

The output appears as:

    "access_token": "42424242-5454-4242-5454-425442544254",
    "token_type": "bearer"

Example: Retrieve a List of Object Stores

The following procedures assume you have already created an application and given it access to Object Store v2.

Note: Get the Client ID and Secret as described in View the App Client ID and Secret.

Get Environment and Organization IDs

In Access Management > Environments, click the environment where the application resides. Copy the environment ID from the URL, for example:

In Access Management > Organization, copy your Organization ID.

View List of Object Stores

Submit this command replacing BEARER_ID with your bearer ID, ORG_ID with your organization ID, and ENV_ID with your environment ID.

curl -X GET \
> -H 'authorization: bearer BEARER_ID' \
> ''

The output has values similar to:


Was this article helpful?

💙 Thanks for your feedback!

Edit on GitHub