MuleSoft API Connector
What is the MuleSoft API Connector?
The MuleSoft API Connector integrates between your Anypoint Platform (MuleSoft) and Qualys TotalAppSec (TAS). Once configured, the connector imports your MuleSoft API infrastructure into Qualys for automated discovery, inventory, and scanning preparation.
| Category | Supported Asset Type | Supported Finding Type |
|---|---|---|
| API Connector | APIs | N/A (Discovery only) |
Prerequisites
- Active TAS module subscription
- Valid Anypoint Platform credentials (username, password)
- Ability to access the following API endpoints from your network
Authentication Details
| Field | Key | Example |
|---|---|---|
| Token URL | authApi |
https://anypoint.mulesoft.com/accounts/login |
| Organization ID | Business Group ID |
Your MuleSoft Anypoint Business Group ID. |
| Environment ID | Environment ID |
Your MuleSoft Anypoint account Environment ID. |
| Client ID | Client ID | The Client ID generated after creating a new App. |
| Client Secret | Client Secret |
The Client Secrete generated after creating a new App. |
Steps to Obtain the Authentication Credentials
Follow the below steps to obtain 4 authentication credentials described above.
Create an App to Obtain Client ID and Client Secret
- Log into anypoint.mulesoft.com
- Navigate to Access Management > Connected Apps
- Click Create App
- Provide Name and Type: Client Credentials Grant
.png)
- Next, click Add Scopes
- Search for View Organization, View Environment, and Exchange Viewer. Select these scopes
- Next, select Qualys as the Business Group
- Select Design and Sandbox as the Environments
- Review the configurations and click Add Scope > Save.
Now, under Connected Apps, you can copy the Client ID and Client Secret from your newly created app.
View Your Environment ID and Organization ID
- Navigate to the API Manager > Click Environment
- Copy the Environment ID and Business Group ID (Organization ID) from the opened window.
Connector Configuration
To activate the feature, you should have TAS module.
TAS > Discovery > Sources > MuleSoft API Connectors.
Basic Details
- Provide a Name and Description
- Select the Qualys Data Model (API Discovery) and Data Model Type (API)
- Provide required Authentication Details
Data Model
The TAS MuleSoft API Discovery Default Data Model offers an out-of-the-box data model mapping with Qualys TAS schema. You can view the schema to understand the attributes in the data model.
Here's the default data model mapping.
Transform Maps
Map the fields from the CSV file to the corresponding fields in your target system. Transform Maps ensure the data is transformed correctly during the import or export process.
The TAS MuleSoft API Discovery offers an out-of-box transform map for you to proceed without further configuration. View the map to understand the data transformation. Customization is optional.
Profile Configuration
Create a profile for your connector. A profile decides the connector status, execution schedule and transform map to choose. The connector follows the configurations of this profile for all future executions.
- Click the "+" to create a new profile.
- In the Add Profile screen, provide the necessary inputs for your new profile.
- Provide a Name and Description.
- Select the required Transform Map for the data mapping.
- The Resource Types determine which resources to select for the profile. The Resource Type determine the required resource whose findings should be ingested by Qualys TAS.
- The Status field determines whether the connector should be in Active or Inactive state after creation.
Lastly, the Schedule section lets you either create a Single Occurrence schedule or a Recurring schedule. Provide the exact date and time for the Single Occurrence execution and provide the Start and End date/time for the Recurring schedule.
Connector States
A successfully configured connector goes through 4 states:
- Registered: The connector is successfully created and registered to fetch data from the vendor.
- Scheduled: The connector is scheduled to execute a connection with the vendor.
- Processing: A connection is executed and the connector is fetching the asset and findings data.
- Processed: The connector has successfully fetched the assets, it may still be under process of fetching the findings. Wait for some more time for the connector to fetch the findings completely.
The Processed state indicates that the Connector is successfully configured but it is under the process of importing all your assets. This process may take some time.
Logs
You can check the logs for the connector configured under the Logs tab.
View Assets in the TAS Application
Follow the steps to view your assets in the TAS application.
Discovered APIs
Here, you can view all the API assets discovered by the Mulesoft connector with additional details like Status, URL, Endpoints, etc.
Additional Resources
Additional Information related to MuleSoft Connector.
API Reference
Here are the APIs executed for the MuleSoft connection.
| Operation | API Endpoint |
|---|---|
| Login | https://anypoint.mulesoft.com/accounts/login |
| Get Active Organizations | https://anypoint.mulesoft.com/apiplatform/repository/v2/organizations/ |
| Get Environments | https://anypoint.mulesoft.com/apiplatform/repository/v2/organizations/ |
| List APIs | https://anypoint.mulesoft.com/apimanager/api/v1/organizations/ |
| Get API Details | https://anypoint.mulesoft.com/exchange/api/v2/assets/ |
| Download Swagger | https://exchange2-asset-manager-kprod.s3.amazonaws.com/... (dynamic path per asset) |
Data Model Map
This section explains the attribute mappings of the values from Mulesoft and Qualys ETM.
|
Source Attribute Label |
Target Attribute Label |
|---|---|
|
groupId |
groupId |
|
assetId |
assetId |
|
name |
name |
|
isPublic |
isPublic |
|
organizationId |
organizationId |
|
masifLocation |
masifLocation |
|
description |
description |
|
version |
version |
|
status |
serviceStatus |
|
type |
apiType |