How to implement AS2 connectivity with your B2B trading partner network

In our previous blogs, we covered a high-level overview of various Anypoint B2B integration solutions to seamlessly connect with your trading partner ecosystem for exchanging business transactions. As part of the “How to” blog series, we will walk through various B2B integration use cases with Anypoint B2B Solutions. Our goal with this blog is to cover a use case that implements secured connectivity leveraging Anypoint AS2 connector to send and receive B2B transactions. 

About AS2

Applicability Statement 2 (AS2) is a widely used transport protocol that enables organizations to securely exchange business transactions in real time over the internet with their trading partners. The AS2 protocol offers:

  • Non-repudiation: Messages transported over the AS2 protocol are typically encrypted with the receiver’s digital certificate and signed with the sender’s private key, which allows the receiver to verify the authenticity of the received message.
  • Message management: AS2 provides means to send message disposition notifications (MDNs) confirming the successful receipt, signature-verification, and decryption of the message by the receiver. This ensures that the sender knows the transaction was received successfully and will be processed.

MuleSoft’s AS2 Connector

MuleSoft’s AS2 connector allows Anypoint Platform customers to send and receive business transactions electronically with added security over HTTP or HTTPS protocols, from within their Mule applications. The AS2 connector enables:

  • Secured exchange of B2B transactions from Anypoint Platform.
  • Large file processing support through the usage of streaming.
  • AS2 communications from the cloud as well as from customer-hosted runtimes.

Implementing AS2 Connector for B2B connectivity

In this blog, we will show how the Anypoint AS2 Connector can be used to establish B2B connectivity between two enterprises: NTO Retailer and Mythical Supplier.

We will leverage the following operations of the Anypoint AS2 Connector to implement this connectivity:

  • Listener operation to build the AS2 receiver application for Mythical Supplier.
  • Send with sync MDN operation to build the AS2 send application for NTO Retailer.

As a prerequisite, install the latest version of Anypoint AS2 Connector in Anypoint Studio prior to downloading the demo AS2 applications.

AS2 Receiver for Mythical Supplier

We will use the demo application example-b2b-mythical-as2-receiver to showcase how to implement the AS2 listener service to listen for AS2 messages from trading partners, and deliver the received message to an Anypoint MQ queue for further processing.

The application uses the AS2 Listener as the message source, and Anypoint MQ connector to publish the received message to a queue.

AS2 Listener configurations

  • HTTP listener: The AS2 connector uses the Anypoint HTTP connector under the hood to provide the HTTP transport for AS2 message exchange. The sample application uses a standard HTTPS Listener configuration.
  • Security requirement level: This configuration sets whether the listener should reject incoming messages that are not signed and/or encrypted. The demo app has this configuration set to “SIGNED_ENCRYPTED,” ensuring that any unsigned or unencrypted messages are rejected.
  • Self and partner configs: AS2 identifier and key-pair alias of the host organization (Mythical Supplier) and of the trading partner (NTO Retailer in this example).
    • The sample application includes the required certificates of the trading partner (NTO) and the certificate key-pair of the host (Mythical) in the keystore file mythical.p12.
  • Authentication: Inbound request authentication is enabled, with the basic-auth credentials.

Application flow

AS2 Listener takes care of verifying the credentials of the sender, their AS2 identifier and signature, decrypts the received payload, and passes it into the application flow upon successful verification. The sample application prints the attributes of the incoming message and publishes the payload into an Anypoint MQ queue, along with the AS2-id and file name as user properties.

Create the Anypoint MQ queue (as2-inbound-edi.q) via Anypoint MQ console and update the MQ API URL, Client ID, and Secret in the Anypoint MQ configuration in the application.

Deploying the AS2 receiver

Deploy the application to CloudHub or a standalone Mule runtime, and Mythical Supplier is now ready to receive AS2 messages at the URL: https://appname.host/receive.

AS2 Sender for NTO Retailer

We will use the demo application example-b2b-nto-as2-send to showcase how to implement the AS2 send service to consume transactions from an Anypoint MQ and send them to trading partners via AS2 protocol.

The application uses Anypoint MQ Subscribe as the message source, and the AS2 Send with sync MDN operation to transmit B2B transactions over the AS2 protocol to the URL at Mythical Supplier.

Create the Anypoint MQ queue (b2b-outbound-mythical-as2.q) and update the configuration with the API URL, Client ID, and Secret to enable the message source to consume messages from the queue.

AS2 Send configurations

  • General:
    • Connection timeout: Set up according to the SLAs of the trading partner’s AS2 receive service.
    • Partner URL: This is the AS2 receive URL of the trading partner, Mythical Supplier’s AS2 receiver application. 
    • Self and partner config: AS2 identifier and key-pair alias of the host organization (NTO Retailer) and of the trading partner (Mythical Supplier in this example).
      • The sample application includes the required certificates of the trading partner (Mythical) and the certificate key-pair of the host (NTO) in the keystore file nto.p12.
    • Requester config: AS2 message’s subject, signature/encryption algorithms for the outgoing message and requested Message Disposition Notification (MDN).
  • Authentication:
    • Update the properties as2-basicauth.user and as2-basicauth.password in app.properties file with the credentials to communicate with Mythical Supplier’s AS2 receive service.
    • These should match the credentials set in the AS2 receiver in the earlier example.

Deploying the AS2 sender

Ensure that the property as2.URL in app.properties is set to the AS2 receiver URL at Mythical Supplier. Deploy the application to CloudHub or a standalone Mule runtime, and NTO Retailer is now ready to send AS2 messages to Mythical Supplier’s AS2 receive URL.

Testing AS2 connectivity

Drop a message in the Anypoint MQ queue b2b-outbound-mythical-as2.q at NTO Retailer.

This message should now be consumed by the AS2 Send app at NTO Retailer, and sent to Mythical Supplier via AS2 protocol.

Inspect the logs of NTO Retailer’s AS2 send application to ensure the message was successfully sent with a positive MDN coming back.

Mythical Supplier’s AS2 receiver should have received the message, verified the authenticity of the sender (basic auth credentials, AS2 identifier, signature validation, decryption), and published the payload to Anypoint MQ queue as2-inbound-edi.q, with the as2-from id and file name as the user properties.

Inspect the logs of Mythical Supplier’s AS2 receive application.
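
For the sender-side check above: per RFC 4130, a positive MDN has a Disposition of plain "processed", refers to the message that was sent, and carries a Received-Content-MIC equal to a digest of the signed content. The following Python is an added example, not code from the demo applications or the AS2 connector; the payload, Message-ID, and function names are constructed for illustration, and it assumes the MDN's own signature has already been verified.

```python
import base64
import hashlib
from email import message_from_bytes

# Constructed sample data: the signed MIME entity NTO sent and its Message-ID.
SENT = b"Content-Type: application/edi-x12\r\n\r\nconstructed EDI payload\r\n"
MSG_ID = "<constructed-1@nto.example>"

def mic(content, alg="sha256"):
    """Base64 digest in the form carried by Received-Content-MIC."""
    return base64.b64encode(hashlib.new(alg, content).digest()).decode()

def sample_mdn(disposition, mic_b64, msg_id=MSG_ID):
    """Constructed multipart/report MDN (layout per RFC 4130), unsigned."""
    return (
        'Content-Type: multipart/report; report-type=disposition-notification; boundary="b"\r\n\r\n'
        "--b\r\nContent-Type: text/plain\r\n\r\nconstructed human-readable part\r\n"
        "--b\r\nContent-Type: message/disposition-notification\r\n\r\n"
        f"Original-Message-ID: {msg_id}\r\n"
        f"Disposition: automatic-action/MDN-sent-automatically; {disposition}\r\n"
        f"Received-Content-MIC: {mic_b64}, sha256\r\n\r\n--b--\r\n"
    ).encode()

def check_mdn(mdn_bytes, sent_content, sent_msg_id):
    """Return (ok, reason). Assumes the MDN's own signature was verified upstream."""
    mdn = message_from_bytes(mdn_bytes)
    report = next((p for p in mdn.walk()
                   if p.get_content_type() == "message/disposition-notification"), None)
    if report is None:
        return False, "no disposition-notification part"
    fields = report.get_payload(0)  # the parser exposes the fields as a nested header block
    if fields.get("Original-Message-ID", "").strip() != sent_msg_id:
        return False, "MDN refers to a different message"
    # "processed" alone is positive; "processed/error: ..." or "failed/..." is not.
    status = fields.get("Disposition", "").partition(";")[2].strip().lower()
    if status != "processed":
        return False, f"disposition not positive: {status or 'missing'}"
    value, _, alg = fields.get("Received-Content-MIC", "").partition(",")
    alg = alg.strip().lower().replace("-", "")
    if alg not in ("sha1", "sha256", "sha384", "sha512"):
        return False, f"unsupported MIC algorithm: {alg or 'missing'}"
    if value.strip() != mic(sent_content, alg):
        return False, "MIC mismatch: receiver hashed different content"
    return True, "processed and MIC matches"

if __name__ == "__main__":
    print(check_mdn(sample_mdn("processed", mic(SENT)), SENT, MSG_ID))
    print(check_mdn(sample_mdn("processed/error: decryption-failed", mic(SENT)), SENT, MSG_ID))
```

A disposition such as processed/error: decryption-failed, or a MIC mismatch, should be treated as a failed delivery even when the HTTP exchange itself succeeded.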

Getting started with AS2 Connector

To get started with Anypoint Platform and AS2 Connector, sign up for a free trial version or learn more about the modern approach to B2B integrations. Anypoint AS2 Connector is a premium connector, requiring additional entitlement. Contact your account representative to obtain a trial license for the AS2 connector.

The AS2 connector works seamlessly with MuleSoft’s Anypoint Partner Manager, providing end-to-end B2B integration capabilities and supporting B2B transactions to be exchanged via traditional channels as well as through modern API communications, all through Anypoint Platform.

In the upcoming blog, we will showcase how Anypoint X12 connector can be leveraged to create and parse EDI X12 transactions.