Learn how to enable fine-grained access control through the MuleSoft API Gateway by deploying the PingAuthorize API integration kit and connecting to the Sideband API.
Ping Identity provides a custom MuleSoft policy to enable this configuration.
The custom MuleSoft policy acts as the sideband adapter, allowing MuleSoft to be used as the API gateway as follows:
- The client sends an incoming request to MuleSoft.
- The custom MuleSoft policy passes the incoming request to PingAuthorize Server.
- PingAuthorize Server determines whether to permit or deny the request based on policies defined in the PingAuthorize Policy Editor (not to be confused with MuleSoft policies). The server also performs any desired request modifications.
- If the request is permitted, MuleSoft makes the request to the backend resource.
- MuleSoft receives a response from the backend resource.
- The custom MuleSoft policy makes a second API call to pass response information to PingAuthorize Server.
- PingAuthorize Server determines whether to permit or deny based on the backend response. Before the server returns the request to MuleSoft, it also modifies the request based on policies defined in PingAuthorize.
- MuleSoft sends the response to the client.