--- title: Applying the custom MuleSoft policy for PingAuthorize description: You must apply the deployed custom MuleSoft policy to use MuleSoft as an application programming interface (API) gateway with PingAuthorize. component: pingauthorize version: 11.0 page_id: pingauthorize:pingauthorize_integrations:paz_apply_mulesoft_policy_paz canonical_url: https://docs.pingidentity.com/pingauthorize/11.0/pingauthorize_integrations/paz_apply_mulesoft_policy_paz.html revdate: August 14, 2023 section_ids: about-this-task: About this task steps: Steps result: Result: next-steps: Next steps --- # Applying the custom MuleSoft policy for PingAuthorize You must apply the deployed custom MuleSoft policy to use MuleSoft as an application programming interface (API) *(tooltip: \
\

A specification of interactions available for building software to access an application or service.\

\
)* gateway with PingAuthorize. ## About this task The PingAuthorize policy supports HTTP APIs configured with the `Endpoint with proxy` or `Basic Endpoint` options. ## Steps 1. Sign on to your MuleSoft Anypoint account. 2. Go to the API manager, expand the API to which you want to attach the PingAuthorize policy, and click **Version**. ![Screen capture of the Manage API screen in the MuleSoft API Manager with a callout highlighting the Version value](_images/bhz1626284943995.png) 3. In the left navigation pane, click **Policies**. The **Policies** page supports applying the PingAuthorize policy to the API. ![Screen capture of the PingAuthorizeAPI v1 - Settings window under the Policies tab (highlighted) in the MuleSoft API Manager](_images/ewo1626284987474.png) 4. Click **Apply New Policy**. ![Screen capture of the PingAuthorizeAPI v1 Policies window under the Policies tab with the Apply New Policy button highlighted in lower center of the screen](_images/pyz1626285305789.png) ### Result: The **Select Policy** window opens. 5. In the **Select Policy** window, select the PingAuthorize policy and current version. Click **Configure Policy**. ![Screen capture of the Select Policy page with the PingAuthorize policy highlighted](_images/ame1626285146143.png) 6. On the **Apply Policy** page, enter the following values: 1. In the **PAZ Token** field, enter the sideband adapter shared secret generated as part of the prerequisites in [Deploying the custom MuleSoft policy for PingAuthorize](paz_deploy_mulesoft_policy_paz.html). 2. In the **PAZ Host** field, enter the PingAuthorize host and port. | | | | - | ------------------------------------------------------------- | | | Do not include the connection scheme (http\:// or https\://). | 3. Select the **Enable SSL** check box for a secure HTTPS connection between MuleSoft and PingAuthorize. 4. Select the **Allow self-signed certificate** check box to enable MuleSoft to accept a self-signed certificate from PingAuthorize. For information about configuring PingAuthorize to use trusted certificates, see [Importing signed and trusted certificates](../pingauthorize_server_administration_guide/paz_import_signed_certs.html). 5. Select an access token type: Choose from: * Use Authorization Header: Indicates that the authorization header of an incoming request should be passed to PingAuthorize and used to authorize the client. * Use hard-coded parsed access token: Allows configuration of an access token that will be used for every request. Use this only for testing purposes. * Use parsed access token: Allows configuration of a DataWeave expression for retrieving a parsed access token from the Mule message. When you use MuleSoft's OAuth 2.0 Token Enforcement policies to obtain a parsed access token, use the expression `#[authentication.properties.userProperties]`. For more information, see [DataWeave Language](https://docs.mulesoft.com/mule-runtime/4.3/dataweave). 6. **Optional:** Configure the **Connection Timeout** and **Read Timeout**. Timeouts govern the behavior of the API gateway when it cannot connect to PingAuthorize or the response from PingAuthorize is delayed. \+ | Timeout parameter | Description | | ------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------- | | Connection Timeout | Governs the time the API gateway waits to establish a connection with PingAuthorize, following which it sends the client request to the backend server. | | Read Timeout | Governs the time the API Gateway waits for PingAuthorize's response before sending the request to the backend server. | \+ | | | | - | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | | | The default value is 5000 milliseconds (5 seconds). It's good practice to configure a small value to limit the delay in case PingAuthorize isn't reachable or is unresponsive. | 1. **Optional:** Select the **Enable debug logging** check box to see requests sent to PingAuthorize Server along with responses. 2. **Optional:** Configure **Methods & Resource Conditions**. See [Resource-Level Policies](https://docs.mulesoft.com/api-manager/2.x/policies-policy-level) for more information. ![Screen capture of the Apply PingAuthorize policy page with fields completed as directed in steps 6a-h and in the Apply button in the lower right](_images/fej1626285074831.png) ## Next steps If there are any changes to PingAuthorize endpoints, repeat the process explained in step 6 and re-deploy the configuration.