Lilly Hulse, Digital Technology Solutions Degree Apprentice at Bentley Motors, presented during our Developer Meetup at MuleSoft CONNECT Digital EMEA in June. She is fairly new to using MuleSoft and shares her journey creating her first APIs while working at Bentley. In this post, she will tell her story and offer tips for how other developers can start their own MuleSoft journey. Below, she discusses how she delivered her first MuleSoft project to unlock data at Bentley.
My MuleSoft journey
I started at Bentley in September 2019, straight after finishing my final year of secondary school. My original focus was app development, however, I was quickly placed on a pioneering project and realized I would need to utilize APIs to deliver the project. Thus, I began my MuleSoft training journey including a one-day workshop at the London Salesforce Tower and completing the one-week Anypoint Platform Developer Fundamentals Training course. This helped me learn best practices for API development and delivery.
My journey has currently led to my first MuleSoft project for Bentley. Before diving into the Halo project, I want to provide some background on Bentley Motors and our utilization of technology throughout the company.
Bentley Motors background
Walter Owen founded Bentley Motors in 1919. He created the company with the simple objective to build a fast car, a good car, the best in its class. This guiding principle has driven Bentley ever since. This next century, we are striving to enhance customer experience and my department focuses on applying technology in all areas of the business to do so. However, as we pioneer new projects within Bentley, we have experienced certain integration problems that needed to be resolved before successfully implementing our new apps and other system changes.
Integration problems to resolve
Bentley is part of the Volkswagen group (VW group) meaning it follows group guidelines for data classification. The classification breaks down into four types of data:
The Halo project, in particular, required accessing secret data which is the most challenging because it’s required to be encrypted in transit and at rest. The knowledge of secret data by unauthorized persons endangers the company and the VW group in general. An example of secret data is key performance indicators (KPIs) which are very important to keep secure when accessing.
In addition to heightened integration precautions, Bentley had never accessed secret data in mobile applications. Starting from scratch, we had to find a way to be sure that our mobile app was secure and met the VW group standards. Furthering this dilemma, we were reliant on one person at Bentley to produce all of the MuleSoft APIs. This created a bottleneck for our IT team. Moreover, the urgency for a resolution was increased due to the COVID-19 remote working policy.
The Halo project
This is my first project at Bentley and focuses on developing a mobile application for senior executives across the business that handle secret data. We had to find a way to ensure that the secret data we were accessing was encrypted in transit and at rest and that it is audited by the specific users accessing the data. Because of these guidelines, our authorization process needed to be changed on mobile applications. The data was required to be transported electronically and encrypted from an encrypted database and encrypted file share to the users’ mobile devices. We chose MuleSoft to help us successfully implement APIs as the solution.
What I built with Anypoint Platform
Using Anypoint Platform, we built the Open ID connect Identity Provider (OIDC IDP). Fortunately, we did have some parts of OIDC IDP built so we didn’t have to build it entirely from scratch. Rather, we made changes to pass the Java Web Tokens to audit the data accessed. We also built seven APIs to resolve the problem we had with accessing secret data.
- Two System APIs
- Three Process APIs
- Two Experience APIs
First, we took the requirements from the business owner of the application we were building and defined the end-points we would require as well as the HTTP methods. This is an important step to take because mapping out the API specifications means you don’t have to keep running back to the owner of the application, thereby reducing development time. Next, we broke these specifications, endpoints, and HTTP methods down into separate APIs. To start, we created two System APIs that connect the encrypted database and the encrypted file share. We then needed four Process APIs, one of those already existed at Bentley so we were lucky and reused this API. For the three new Process APIs, we specified these so that they would also be reusable in future applications. Finally, we created two Experience APIs, to pull the Process APIs all together which was required for our separate mobile applications. In the diagram below, you can see how all of these APIs work together.
Once we completed the initial building of these seven APIs, we then created a basic API template specifically for Bentley for reuse. I can use this template for any APIs I wish to develop in the future, rather than starting from scratch. For the Halo project, since we knew the type of APIs needed and the endpoints, we made adjustments to the basic RAML template in API Design Center to create separate, specialized templates for each API. The finished designs were then published to Exchange so they could be accessed by anyone. We included relevant documentation for developers so they could see if the API could be reused for their own projects. Once these templates were published in Exchange, we put them into Anypoint Studio and configured the RAML so that the APIs were ready for testing. We used relevant error handling for the APIs so that they were secure enough for live use. We then published them to API Manager so that they can be reused and deployed into live environments.
Impact of my work
By creating reusable APIs with Anypoint Platform, we resolved the integration problems Bentley was facing. Now, our team can access the secret data and it doesn’t have to be through a Bentley PC on the Bentley VPN. Bentley is also making lots of use of the API ecosystem by implementing best practices that have increased reusability across our APIs. Less time is spent on development and our products are quicker to the market, allowing us to really realize the benefit of the data we are accessing. As a result, our team accelerated the Halo project which opens up opportunities for more pioneering projects across the business and customer-centricity in sales and marketing.
While the APIs I originally designed were for the mobile application, one API is already being reused and utilized as part of Bentley’s COVID-19 response to unlock other data. We are also using secret data API logic for factory ramp up, as well as, supporting remote working for those who do not necessarily need to be onsite in this current climate.
Overall, working with MuleSoft has been a great opportunity — not only for myself, but for Bentley as well. As we work more with MuleSoft, we will rely heavily on API development and plan to train more colleagues in the future. I am excited to build more APIs for Bentley and continue my MuleSoft training. Based on my experience, I encourage developers looking to begin their MuleSoft journey to follow these tips:
- Be aware that MuleSoft’s support and the whole community can help you learn and develop to utilize the platform.
- The MuleSoft Professional Services is a great resource for anyone working on their first project.
- Utilize the MuleSoft Help Center, specifically the Forum, which includes articles and technical resources to assist your development if you get stuck.
- Jump in with both feet because there is support available.
Lastly, you can reach out to me on LinkedIn if you have any questions or are interested in trying out the solution described above! I look forward to hearing from you.
You can watch my presentation at MuleSoft CONNECT Digital EMEA here!