Complete the following prerequisites before deploying PingIntelligence policy on MuleSoft:

  • Versions The PingIntelligence policy supports the 3.9.x and 4.x versions of MuleSoft. If you are using any other version, contact Ping Identity support.
    Note: Due to a known bug in Mulesoft 4.2.2, you can encounter a 502 error response when the PingIntelligence policy is deployed with MuleSoft 4.2.2. Refer to the following MuleSoft documentation for more information about the issue and its resolution.
  • Install PingIntelligence software

    PingIntelligence software should be installed and configured. For more information, see PingIntelligence manual deployment or PingIntelligence automated deployment

  • Verify that ASE is in sideband mode

    Check that ASE is in sideband mode by running the following ASE command:

    /opt/pingidentity/ase/bin/ status
    API Security Enforcer
    status                  : started
    mode                  : sideband
    http/ws                 : port 80
    https/wss               : port 443
    firewall                : enabled
    abs                     : disabled, ssl: enabled
    abs attack              : disabled
    audit                   : enabled
    sideband authentication : disabled
    ase detected attack     : disabled
    attack list memory      : configured 128.00 MB, used 25.61 MB, free 102.39 MB
    google pubsub           : disabled
    log level               : debug
    timezone                : local (UTC)
    If ASE is not in sideband mode, then stop ASE and change the mode by editing the /opt/pingidentity/ase/config/ase.conf file. Set mode as sideband and start ASE.
  • Enable sideband authentication: For a secure communication between Mulesoft Anypoint and ASE, enable sideband authentication by entering the following ASE command:
    # ./bin/ enable_sideband_authentication -u admin –p
  • Generate sideband authentication token

    A token is required for Mulesoft Anypoint to authenticate with ASE. To generate the token in ASE, enter the following command in the ASE command line:

    # ./bin/ -u admin -p admin create_sideband_token
    Save the generated authentication token for further use.

Prerequisites to gather the user information

Complete this optional prerequisite to gather user information from PingFederate. To integrate PingFederate with Mulesoft follow the instructions detailed in Configure Client Management PingFederate. This will enable PingFederate OAuth Token Enforcement policy. This policy should be applied before the PingIntelligence policy in the Anypoint platform API Manager as shown in the following screenshot.

Currently the PingIntelligence policy supports PingFederate as authorization server.