Integrating Auth0 with Mule: A Comprehensive Guide
Auth0
It provides a flexible, drop-in solution for adding authentication and authorisation services to applications.
Mulesoft (Anypoint Platform)
The Anypoint Platform provides exceptional business agility to companies by connecting applications, data, and devices, both on-premises and in the cloud, with an API-led approach.
M2M Token-based approach to secure API
An API developed in MuleSoft can be secured for machine-to-machine (M2M) applications. With M2M applications, such as CLIs, daemons, or services running on our back end, the system authenticates and authorises the app rather than a user. For this scenario, typical authentication schemes like username + password or social logins don't make sense. Instead, M2M apps use the Client Credentials Flow (defined in OAuth 2.0 RFC 6749, section 4.4), in which they pass along their Client ID and Client Secret to authenticate themselves and get a token.
Account setup in Auth0
- Create an account in Auth0
- Log in to the account using your account credentials
- Click the CREATE button to create the application
- Name the application and choose application type as machine to machine
- Add API name, select scope and click on Authorize
- Copy the client_id and client_secret of the application. They will be used when generating the security token
- Scroll down to the bottom and select advanced settings. Under Grant Type, make sure only Client Credentials is selected. Click Save Changes to save the changes.
- Click on Test, copy the code snippet, and generate a token
Configuration of JWT Validations Policy in Anypoint Platform
To create a policy in API Manager, an API must first be created from RAML/OAS/SOAP or be available in Exchange to import.
- Log in to Anypoint Platform and select API Manager
- Click on Manage API from Exchange
- Search for the API name that already exists in your Exchange and select the Asset type accordingly.
- Check the Mule version and then click on Save
- Once the above steps succeed, the API page is displayed, from which we can get the Auto discovery (API ID). It will be used in the actual implementation flow to refer to the policy from the Mule instance.
- Now click on Policies > Apply New policy > Select policy
- Select JWT Validations with the latest version
- Configure JWT Policy like below
- Your JWKS URL will be : https://<your-auth0-host>/.well-known/jwks.json
Configure Auto discovery in API implementation
- Add the API ID which we copied from API Manager and select the flow on which the policy needs to be applied
- Deploy the API instance to CloudHub
Test API
- Generate an Auth token as discussed in the above steps
- Call GET <Your-deployed-api-host>/api/orders and pass the bearer token as Authorization
- You would get an API response like below