--- title: Preparing to deploy the PingIntelligence policy description: Complete the following prerequisites before deploying the PingIntelligence policy on MuleSoft. component: pingintelligence version: 5.2 page_id: pingintelligence:pingintelligence_integrations:pingintelligence_mulesoft_prepare canonical_url: https://docs.pingidentity.com/pingintelligence/5.2/pingintelligence_integrations/pingintelligence_mulesoft_prepare.html revdate: April 3, 2024 section_ids: about-this-task: About this task steps: Steps result: Result: troubleshooting: Troubleshooting: --- # Preparing to deploy the PingIntelligence policy Complete the following prerequisites before deploying the PingIntelligence policy on MuleSoft. ## About this task Before deploying the PingIntelligence policy: ## Steps 1. Verify that MuleSoft version 3.9.x or 4.x is installed. If you are using any other version, contact Ping Identity support. | | | | - | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | | Due to a known bug in MuleSoft 4.2.2, you can encounter a `502` error response when the PingIntelligence policy is deployed with MuleSoft 4.2.2. Refer to thehttps\://help.mulesoft.com/s/article/Scatter-Gather-throwing-Event-instance-or-a-MessagingException-on-4-2-2-only\[MuleSoft documentation] for more information about the issue and its resolution. | 2. Install and configure the PingIntelligence software. For more information, see [PingIntelligence manual deployment](../installing_pingintelligence_for_apis/pingintelligence_manual_deployment.html) or [PingIntelligence automated deployment](../installing_pingintelligence_for_apis/pingintelligence_automated_deployment.html). 3. Verify that API Security Enforcer (ASE) is in `sideband` mode by running the following ASE command: ``` /opt/pingidentity/ase/bin/cli.sh status ``` ### Result: ``` API Security Enforcer status : started mode : sideband http/ws : port 80 https/wss : port 443 firewall : enabled abs : disabled, ssl: enabled abs attack : disabled audit : enabled sideband authentication : disabled ase detected attack : disabled attack list memory : configured 128.00 MB, used 25.61 MB, free 102.39 MB google pubsub : disabled log level : debug timezone : local (UTC) ``` ### Troubleshooting: If ASE is not in `sideband` mode, then stop ASE and change the mode by editing the `/opt/pingidentity/ase/config/ase.conf` file. Set `mode` as `sideband` and start ASE. 4. For a secure communication between MuleSoft Anypoint and ASE, enable sideband authentication by entering the following ASE command: ``` # ./bin/cli.sh enable_sideband_authentication -u admin –p ``` 5. To generate the token in ASE, enter the following command in the ASE command line and save the generated authentication token for further use: A token is required for MuleSoft Anypoint to authenticate with ASE. ``` # ./bin/cli.sh -u admin -p admin create_sideband_token ``` 6. **Optional:** Gather user information from PingFederate: 1. To integrate PingFederate with MuleSoft, follow the instructions in [Configure Client Management PingFederate](https://docs.mulesoft.com/access-management/conf-client-mgmt-pf-task). This will enable PingFederate OAuth Token Enforcement policy. This policy should be applied before the PingIntelligence policy in the **Anypoint platform API Manager** as shown in the following screenshot. ![A screen capture of the API level policies page with two policies highlighted with a yellow square.](../_images/hml1593747115172.png) Currently the PingIntelligence policy supports PingFederate as authorization server.