External Access: How to share resources across trusted organizations

external-access

Organizations use the power of Anypoint Platform to discover and self-serve their assets across the complete API development lifecycle. It’s used for API specifications, fragments, templates, examples, HTTP APIs, REST APIs, SOAP APIs, and more. 

If they want to share these assets outside of the organization they can use third-party API portals, Anypoint Exchange’s public portal, and the new API Community Manager. But what options are available if they want to share these with an organization’s accounts? With an update of Anypoint Platform earlier this year, a new feature named External Access was released. This feature enables organizations to share resources across multiple organizations directly from Anypoint Exchange.

Who can enable External Access?

Any organization with multiple Anypoint Platform accounts used for different organizations and are looking to share the resources amongst themselves.

Before proceeding, you must identify the organization’s unique domain name for each of the accounts that the resources are to be shared. The domain name is shown on the External Access screen in the Access Management component of Management Center.

Let’s take a look at how an organization setups this new feature.

How to enable External Access

Let’s assume we have two Anypoint Platform organizations: Mule United Airports and Max Airlines.


We have discovered their organization’s domain names (mule-united and max-airlines-5), so now let’s dive into enabling resource sharing:

Step 1: Open anypoint.mulesoft.com in your browser and log in to one of your Anypoint Platform accounts. In this example, I am going to log into the account of Mule United Airports.

Step 2: Once you are logged in successfully, open Access Management (under Management Center) and select ‘External Access’ from the navigation bar available on the left side.

Step 3: In External Access, select the ‘Add Organization’ button. This will display a pop-up window.

Step 4: Enter the domain name of the organization with which you wish to share resources. In this case, it will be the domain name of Max Airlines, which is max-airlines.

Step 5: Next, repeat the same steps in the Max Airlines Anypoint Platform account and add authorization for Mule United Airlines. You can now explore the assets and resources of each other’s exchange repository from within exchange by clicking on the ‘Shared with me’ menu option.

Currently, there are no assets to view because they must be explicitly shared by the other organization.

How to share an API

Once mutual permission has been configured, you can share assets across organizations. 

Step 1: Let’s say I want to share the Max Airline Flights EAPI from Max Airlines with Mule United Airport. I log into the account of Max Airlines and locate the API in Exchange.

Step 2: In the top right corner of Exchange portal, there is a ‘share’ button. Clicking this button opens up a dialogue box that allows you to configure sharing.

Step 3: In the input box, you can specify that all users registered on the Mule United Airports’ Anypoint Platform can access this API.

Step 4: Now all users on the Mule United Airlines Anypoint Platform can access the Max Airline Flights EAPI from within Exchange. The shared API is accessed from the ‘Shared with me’ menu option.

Is it secure to use External Access?

The External Access feature relies on a two-way trust model — meaning that trust must be established between both organizations before access permissions can be granted. The role granted will only have view rights, therefore users of Mule United Airlines can’t edit the Max Airline Flights EAPI. 

Conclusion

The External Access feature permits any organization to share its assets directly with trusted organizations. There is no need to publish them to an API portal or provide user accounts on Anypoint Platform.

If you are interested in how to leverage Anypoint Platform for your organization then consider one of our Operations courses.



We'd love to hear your opinion on this post