Blog Post

Overview:

• Autodiscovery is a feature that enables Mule applications to connect with API Manager, facilitating monitoring, management, and policy enforcement for your APIs.
  
• It streamlines API governance by making it easier to link Mule applications to API Manager within the Anypoint Platform.
  
• When should we go for autodiscovery:
  
  
  • When the specification of the API is built inside MuleSoft.
  • When we want to enforce the policies, add services on top of our API.
    
• For autodiscovery, two things are required and those are:
  
  
  • API Instance ID:
    • This is a unique identifier for each API that is generated in the API manager once after the API is imported to the API Manager.
  
  
  • Environment-specific credentials:
    • This includes the client id and client secret for the environment where the API will be deployed.
      
• Advantages of autodiscovery:
  
  
  • Establishing the connection between the API manager and the mule application helps to add a layer of security by authenticating, authorizing requests, and protecting your backend services from unauthorized access and attacks by enforcing some policies.Unlike API Proxy, it does not require separate memory resources to run the mule application.
  • Provides detailed analytics and monitoring of API traffic.
    
• In this blog, we’ll see how to achieve autodiscovery in MuleSoft and we’ll enforce a rate-limiting policy.

Steps:

1. To begin, we’ll start with basic API specifications having a resource with a get method. This resource gives back a welcome message.

2. Then, mock the API and publish it to Anypoint exchange.

3. Next, create a new Mule project and generate its scaffold structure using the API specification published in Exchange.

4. Next, we’ll be adding two loggers to mark the beginning and the end of the flow. By logging the message “Start of flow” ++ (flow.name as String), in expression mode. That’s it for the implementation part.

5. Then after, add a logger to capture and log the payload.

6. Then, we’ll import the API to the API manager from the exchange. For that, we need to navigate to the API manager and click on Add API. Then, select Add new API and select the gateway as Mule team, proxy type as a Basic endpoint, and mule version as Mule4.

7. Then after, select the API that is scaffolded with the application and click on next. As of now, there is no need to configure downstream and upstream. Then save it, and the API will be registered into the API Manager with the status as unregistered.

Keep the Instance ID handy

8. Add the API autodiscovery in global.xml and configure the API ID with the API instance ID and flow name as the main flow.

9. The application is ready to be deployed. To deploy the application directly from the Anypoint Studio, right-click on the application. Select Anypoint Platform, and click on Deploy to CloudHub.

10. Configure the deployment target as CloudHub and in the properties section, we need to add the client_id and client_secret.

11. To get the value of client_id and client_secret, we’ll navigate to the Access Management of the Anypoint platform and select the business organization. Then, go to the environment section and click on the environment it should be deployed. Next, copy the client_id and client_secret.

12. Then, add the value of client _id and client_secret in the properties & then click on deploy application.

13. Once, the application is deployed the status of the API will change to active.

14. Next, we’ll apply the policies on top of our API. For this, we need to select the API in the API manager and click on policies. Click on add policy.

15. For this instance, we’ll add rate limiting on top of our API.

16. We’ll configure the number request in the specified period. For this instance, we’ll configure the limit as 5 requests per minute.

17. Once the policy is added, the API is ready to be tested.

18. After calling the API more than 5 times, we’ll get a 429 status code and an error message as Quota has been exceeded.