What’s new in access management?

blog security apis

This blog describes upcoming Anypoint Platform features within access management, mapping them to the most common use cases and customer needs. 

We’re extremely excited to take access management to the next level with simple and effective access controls that create a zero-friction experience for members of your organization. With the new addition of “Teams,” collaboration and reuse are only a few clicks away. In this blog, you will learn how to structure user access based on their role, assign permissions to multiple users at once, onboard new members in a few clicks, and much more. 

Before diving into the details of the new feature, let’s review the basics of access management. In the diagram below, user identities are on the left and resources (such as Exchange assets, Design Center projects, etc.) are on the right. In the middle are the access controls, which for simplicity, we abstracted via familiar CRUD

When managing permissions, consider the most obvious use cases of a single user requesting access to a single resource. In our case, Sam needs read access to the Shipping API. To learn more about how Anypoint Platform can be used for this use case, read our documentation page

But what happens when multiple users require the same access? How can you share a collection of resources in the most efficient way possible? This is when Teams and Business Groups can help. 

Using existing Business Groups feature, organizational boundaries can be implemented so that integration assets are only visible to people with access to a certain group. Serving as a collection of resources, Business Groups allow administrators to assign access controls to many resources at once. 

The new Teams feature, on the other hand, provides a foundation for user grouping. This enables organizations to group users based on their roles in the organization, simplifying permission management.

Teams use cases

There are many ways Teams can benefit your organization, but we suggest focusing on the following use cases:

  • Assign default access controls across all users within your organization. With a few clicks, you can set permissions that will be automatically assigned to all users who join your organization, either through SSO or user invite flow.
  • Defining access controls for specific teams. Further tailor access controls based on what each defined team is responsible for. For example, define access so that DevOps has access to Production, while all other engineers can only deploy code to lower environments.
  • One-click access controls for new members. Use Teams to assign a set of permissions defined for existing teams when a new member joins your organization. This means simple onboarding and zero-friction experience for new users.
  • Sharing assets via Teams. Share assets with internal teams via Anypoint Exchange. This use case also allows users to share assets with everyone within your organization in a few clicks. 
See Teams in action.

How do I get access?

MuleSoft customers who are interested in Teams can sign up for early access. We will vet our beta participants based on certain criteria, such as the total number of users, configuration with external identity providers, etc. 

Sign up now for the beta and we will get in touch. 

Once Teams are officially released, we will send a release announcement and publish an update on our documentation site

Stay tuned!

We'd love to hear your opinion on this post

One Response to “What’s new in access management?”

  1. Great article. I would like to be able to protect APIs in Designer and in API Manager so only a person (or a group) is able to edit the API in Designer or to assign policies in the API Manager. Currently, all the users with permissions to a business groups and an environment can edit all the APIs on that area, no matter if that API is not theirs (in fact, I do not find in API Manager a field that indicates which person is the owner of an API). Do you know if Teams is going to add a fine-grained control on Designer and API Manager?