AS2 receive endpoint settings determine where to receive B2B messages received over AS2.
An AS2 Receive from Partners endpoint (the only type of AS2 receive endpoint) acts as the source endpoint in an inbound message flow that receives B2B messages from partners either directly or via third-party connections.
One AS2 endpoint can receive data from multiple partners, multiple third-party connections, or both.
Only a host can own AS2 Receive from Partners endpoints.
|
Each AS2 receive endpoint configuration gets deployed as an individual Mule application in the runtime. To minimize the number of vCores needed to run Anypoint Partner Manager, use an existing AS2 receive endpoint configuration across multiple message flows.
|
Create an AS2 Receive from Partners endpoint by configuring these settings on the <host> page:
Setting |
Description |
Required |
Owner |
Host that owns the endpoint. |
x |
Usage |
Endpoint function (Receive from partners ). |
x |
Protocol |
Protocol that the endpoint supports (AS2 ). |
x |
Endpoint name |
Automatically generated name used to identify the endpoint, which you can modify manually. |
x |
Description |
User-supplied value that describes the purpose of the endpoint. |
|
Private port (when deploying to VPC) |
Applies when using Anypoint Virtual Private Cloud (Anypoint VPC) with CloudHub deployments:
-
When enabled, the AS2 receive endpoint application deploys to the private port 8092 in your Anypoint VPC. You can manage the access control to the endpoint via the Anypoint VPC and dedicated load balancer settings.
-
When disabled, the AS2 receive endpoint application deploys to the public port 8082 by default.
You can access the endpoint URL directly over the internet.
|
|
HTTPS |
Applies to CloudHub deployments.
Indicates whether Partner Manager deploys the AS2 receive endpoint as an HTTPS listener:
-
If enabled (default), Partner Manager deploys the AS2 receive endpoint as an HTTPS listener.
-
If disabled, Partner Manager deploys the AS2 receive endpoint as an HTTP listener.
When deploying to Anypoint Runtime Fabric, Partner Manager always deploys the AS2 receive endpoint as an HTTP listener. With this type of deployment, you must configure an Ingress controller to provide external consumers with an HTTPS endpoint. For more information, see Configuring Ingress for Runtime Fabric.
|
x
|
Manage with API Manager |
Allows you to manage the endpoint in API Manager, where you can apply policies, such as authentication and client credentials, and configure SLA tiers. Document your message specifications by using Exchange and share them with your partners via public portals from Exchange or by obtaining an additional license and sharing the specifications in API Experience Hub.
To manage an endpoint in API Manager, create an HTTP API in API Manager in the same environment and organization as the endpoint.
When you create the API in API Manager:
-
Select HTTP API as the asset type.
-
Leave the defaults on the Endpoint configuration screen.
-
Copy the API instance ID and paste it into the API Auto discovery id field in the Partner Manager New endpoint: Receive from Partners window.
|
x |
AS2 URL |
URL to the AS2 server (automatically generated). |
x |
Enforce security level |
Indicates whether Partner Manager rejects incoming AS2 messages that aren’t signed, encrypted, or both. When Partner Manager rejects a message, it returns a negative Message Disposition Notification (MDN) to the sender.
-
Signed & Encrypted
(Default) Rejects incoming messages that aren’t both signed and encrypted.
-
Signed
Rejects incoming messages that aren’t signed.
-
Encrypted
Rejects incoming messages that aren’t encrypted.
-
None
Accepts messages that aren’t signed or encrypted.
When deploying an AS2 endpoint to CloudHub using the HTTP protocol, you cannot change the default value (Signed & Encrypted ).
|
x |
<Host> keystore |
Host keystore file that stores your organization’s public certificate and private key. Select an existing keystore file or create a new one.
To create a new keystore file:
-
In the <host> Keystore field, click Select.
-
Click New.
-
Complete the fields on the New certficate for <host> window, as described in Managing AS2 Host Keystores.
-
Click Create.
|
x |
Follow these steps to add basic authentication for incoming AS2 messages from your partners:
-
Configure the endpoint with Manage with API Manager.
-
Configure a client credentials policy in API Manager and select HTTP Basic Authentication Header as the credentials origin.
-
Add documentation to the HTTP API from Exchange and engage with your partners by publishing it to the public portal from Exchange or via API Experience Hub.
-
If you publish via a portal, your partners must log in and request access.
-
If you follow the API request process on behalf of your partners, HTTP basic auth headers pass the client ID and client secret upon request.