To onboard a new MuleSoft account This article describes the process for onboarding a MuleSoft environment into Data Theorem's API security product you must first invite the cloud@datatheorem.comaccount to your environment and setup the proper access rights for the account.
This account will allow our services to discover and analyze (with limited read access) your configuration, resources, and APIs.
Setting up a Custom Role
To setup a custom role, open a new tab and:
...
Under the title Management Center select Access Management
Note: If you can’t find Access Management then you might not have access to set this up.
Select Roles from the left side menu
Click the Add role button
In the dialog box for the Role Name field enter
MuleSoftScanner
In the dialog box for the Role Description field enter
Data Theorem custom role to scan and inspect environments
Once the role has been created, Select the API Manager tab under Permissions
Select the environment from the Add environment by name field for the environment you want the scanner to scan
Note: You’ll have to do steps 8-10 for each environment you want the scanner to scan.
Once an environment has been selected, Select the following permissions from the Select access field
View APIs Configuration
View Contracts
View Policies
After permissions have been selected, Click the Blue Plus Icon on the right hand side
Note: This page should now look something like the following screenshot.
...
Next we move on to the Design Center where we have to setup a few more permissions, Select the Design Center tab under Permissions
Select the environment from the Add environment by name field for the environment you want the scanner to scan
Note: You’ll have to do steps 12-13 for each environment you want the scanner to scan.
Once an environment has been selected, Select the following permissions from the Select access field
Design Center Developer
After permissions have been selected, Click the Blue Plus Icon on the right hand side
Note: This page should now look something like the following screenshot
...
At this point all permissions have been properly setup!
Proceed to inviting the MuleSoft scanner account below.
Inviting the MuleSoft Scanner Account
After creating the custom role we need to invite the MuleSoft scanner so Data Theorem can access your environment. Once done you should have the following:
Organization ID
To invite the MuleSoft Scanner account, open a new tab and:
...
Under the title Management Center select Access Management
Note: If you can’t find Access Management then you might not have access to set this up.
Select Users from the left side menu
Click the Invite user button
Note: If this button isn’t available you have to enable non-SSO users.
See Enable non-SSO Users Documentation.
...
cloud@datatheorem.com
For the Role field enter the custom role setup earlier
MuleSoftScanner
...
Click Send invitation
...
Once on the portal you will be redirected to a url that looks like the following
https://anypoint.mulesoft.com/home/organizations/46753f13-52b8-4454-86e0-f92f8a6ae6a8/
Copy out the portion after https://anypoint.mulesoft.com/home/organizations/ this is your Organization ID
Extra References
...
How to know my Organization ID
...
How to add an Anypoint Platform User after enabling External Identity
...
...
...
. You will need an account within your MuleSoft environment able to access the Access Management page in order to create a “Connected App” for Data Theorem.
Steps:
The MuleSoft onboarding flow can be started from the Data Theorem portal at https://www.securetheorem.com/api/v2/inventory/asm-setup.
Start the flow using "Add Source" and then "MuleSoft":
...