You must apply the deployed custom MuleSoft policy to use MuleSoft as an
The PingAuthorize policy supports HTTP APIs configured
Endpoint with proxy or
- Sign on to your MuleSoft Anypoint account.
Go to the API manager, expand the API to which you want to attach the PingAuthorize policy, and
In the left navigation pane, click Policies.
The Policies page supports applying the PingAuthorize policy to the API.
Click Apply New Policy.
The Select Policy window opens.
In the Select Policy window, select the PingAuthorize policy and current version. Click
On the Apply Policy page, enter the following
- In the PAZ Token field, enter the sideband adapter shared secret generated as part of the prerequisites in Deploying the custom MuleSoft policy for PingAuthorize.
In the PAZ Host field, enter the PingAuthorize host and port.
Do not include the connection scheme (http:// or https://).
- Select the Enable SSL check box for a secure HTTPS connection between MuleSoft and PingAuthorize.
Select the Allow self-signed certificate check
box to enable MuleSoft to accept a self-signed certificate from PingAuthorize.
For information about configuring PingAuthorize to use trusted certificates, see Importing signed and trusted certificates.
Select an access token type:
- Use Authorization Header: Indicates that the authorization header of an incoming request should be passed to PingAuthorize and used to authorize the client.
- Use hard-coded parsed access token: Allows configuration of an access token that will be used for every request. Use this only for testing purposes.
- Use parsed access token: Allows configuration of a DataWeave expression for retrieving a
parsed access token from the Mule message. When you use
MuleSoft's OAuth 2.0 Token Enforcement policies to obtain a
parsed access token, use the expression
#[authentication.properties.userProperties]. For more information, see DataWeave Language.
Configure the Connection Timeout and
Timeouts govern the behavior of the API gateway when it cannot connect to PingAuthorize or the response from PingAuthorize is delayed.
Timeout parameter Description
Governs the time the API gateway waits to establish a connection with PingAuthorize, following which it sends the client request to the backend server.
Governs the time the API Gateway waits for PingAuthorize's response before sending the request to the backend server.Note:
The default value is 5000 milliseconds (5 seconds). It's good practice to configure a small value to limit the delay in case PingAuthorize isn't reachable or is unresponsive.
- Optional: Select the Enable debug logging check box to see requests sent to PingAuthorize Server along with responses.
Configure Methods & Resource
See Resource-Level Policies for more information.
If there are any changes to PingAuthorize endpoints, repeat the process explained in step 6 and re-deploy the configuration.