Improving MuleSoft User Management with APIs
Customer Scenario
User access and account management is important for cost savings and security. Rogue accounts can increase licensing fees, while open, inactive accounts create a vector of attack for bad actors. For one client, access management became the victim of their MuleSoft implementation’s success. Many users from across the organization had been allocated MuleSoft accounts, but the client lacked a means of tracking, managing, and monitoring those accounts, and of off-boarding users and disabling inactive accounts, an essential element for securing their systems.
Solution Approach
A solution was needed to address the issue and provide a simple way to identify and manage unused accounts. Big Compass created an API that hooks into the MuleSoft-provided administrative APIs and automates the creation of a list of user accounts. Users with valid credentials could run the API, which delivered a list of active and inactive MuleSoft users, indicating which accounts hadn’t been accessed in the last 30 days. The application then used the MuleSoft administrative API to disable accounts that were deemed inactive.
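The 30-day inactivity check described above can be sketched as follows. This is an added example, not Big Compass's or MuleSoft's code. The record fields (`username`, `enabled`, `lastLogin`, `createdAt`) and the rule that never-used accounts are aged from their creation date are assumptions, and the sample records are constructed.

```python
from datetime import datetime, timedelta, timezone

INACTIVITY_WINDOW = timedelta(days=30)  # threshold stated in the text above

def parse_ts(value):
    """Parse an ISO-8601 timestamp ('Z' or offset) into an aware UTC datetime."""
    if not value:
        return None
    ts = datetime.fromisoformat(value.replace("Z", "+00:00"))
    if ts.tzinfo is None:
        ts = ts.replace(tzinfo=timezone.utc)  # assumption: naive values are UTC
    return ts.astimezone(timezone.utc)

def classify_users(users, now):
    """Split user records into active, inactive (disable candidates) and already disabled."""
    report = {"active": [], "inactive": [], "already_disabled": []}
    cutoff = now - INACTIVITY_WINDOW
    for user in users:
        if not user.get("enabled", True):
            report["already_disabled"].append(user["username"])
            continue
        # Assumption: an account that never logged in is aged from its creation
        # date, so a freshly provisioned account is not disabled immediately.
        last_seen = parse_ts(user.get("lastLogin")) or parse_ts(user.get("createdAt"))
        if last_seen is None or last_seen < cutoff:
            report["inactive"].append(user["username"])
        else:
            report["active"].append(user["username"])
    return report

# Constructed sample records; field names are assumptions, not the admin API schema.
SAMPLE_USERS = [
    {"username": "a.ng", "enabled": True, "lastLogin": "2024-05-28T09:15:00Z",
     "createdAt": "2023-01-10T00:00:00Z"},
    {"username": "b.ortiz", "enabled": True, "lastLogin": "2024-03-02T17:40:00Z",
     "createdAt": "2022-11-03T00:00:00Z"},
    {"username": "c.new", "enabled": True, "lastLogin": None,
     "createdAt": "2024-05-25T00:00:00Z"},
    {"username": "d.stale", "enabled": True, "lastLogin": None,
     "createdAt": "2024-01-15T00:00:00Z"},
    {"username": "e.left", "enabled": False, "lastLogin": "2023-12-01T08:00:00Z",
     "createdAt": "2022-06-01T00:00:00Z"},
    # Local-offset timestamp: 01:00+02:00 is 23:00 UTC the previous day.
    {"username": "f.offset", "enabled": True, "lastLogin": "2024-05-02T01:00:00+02:00",
     "createdAt": "2023-02-01T00:00:00Z"},
]
NOW = datetime(2024, 6, 1, tzinfo=timezone.utc)  # fixed clock for a repeatable run

if __name__ == "__main__":
    for bucket, names in classify_users(SAMPLE_USERS, NOW).items():
        print(f"{bucket}: {', '.join(names) or '-'}")
```

The function only produces the report. The disable call itself goes through the administrative API, whose endpoints the text does not specify.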
Results
The solution decreased the number of active MuleSoft accounts by 20%, and, going forward, the list is perpetually up-to-date, clean, and secure. Additionally, the organization now has a manageable and repeatable process for ongoing account management that still allows widespread access to the organization’s MuleSoft implementation.