Improving MuleSoft User Management with APIs
User access and account management are important for cost savings and security. Rogue accounts can increase licensing fees, while open, inactive accounts create an attack vector for bad actors. For one client, access management became the victim of their MuleSoft implementation’s success. Many users from across the organization had been allocated MuleSoft accounts, but the client lacked a means of tracking, managing, and monitoring those accounts, and of off-boarding users and disabling inactive accounts, which is an essential element of securing their systems.
A solution was needed to address the issue and provide a simple way to identify and manage unused accounts. Big Compass created an API with hooks into the MuleSoft-provided administrative APIs that automated the creation of a list of user accounts. Users with valid credentials could run the API, which delivered a list of active and inactive MuleSoft users, indicating which accounts hadn’t been accessed in the last 30 days. The application then used the MuleSoft administrative API to disable accounts that were deemed inactive.
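The 30-day inactivity check described above, as an added example that is not Big Compass's code or part of the original article. It works offline on constructed records and calls no API; the field names (username, enabled, createdAt, lastLogin) and the rule of ageing never-used accounts from their creation date are assumptions made for this example.

```python
from datetime import datetime, timedelta, timezone

INACTIVITY_DAYS = 30  # threshold stated in the text above

# Constructed sample records; the field names (username, enabled, createdAt,
# lastLogin) are assumptions for this example, not a documented schema.
SAMPLE_USERS = [
    {"username": "alice", "enabled": True, "createdAt": "2023-01-10T09:00:00Z", "lastLogin": "2024-05-28T14:02:11Z"},
    {"username": "bob", "enabled": True, "createdAt": "2022-11-03T09:00:00Z", "lastLogin": "2024-03-01T08:15:00Z"},
    {"username": "carol", "enabled": True, "createdAt": "2024-05-25T09:00:00Z", "lastLogin": None},
    {"username": "dave", "enabled": True, "createdAt": "2023-06-01T09:00:00Z", "lastLogin": None},
    {"username": "erin", "enabled": False, "createdAt": "2021-02-01T09:00:00Z", "lastLogin": "2022-01-01T00:00:00Z"},
]

def _parse(ts):
    """Parse an ISO 8601 UTC timestamp; None means the event never happened."""
    if ts is None:
        return None
    return datetime.fromisoformat(ts.replace("Z", "+00:00"))

def classify(users, now, days=INACTIVITY_DAYS):
    """Split users into active, inactive (to disable) and already disabled."""
    cutoff = now - timedelta(days=days)
    report = {"active": [], "inactive": [], "already_disabled": []}
    for u in users:
        if not u["enabled"]:
            report["already_disabled"].append(u["username"])
            continue
        # An account that never logged in is aged from its creation date, so a
        # freshly provisioned user is not disabled before first use.
        last_seen = _parse(u["lastLogin"]) or _parse(u["createdAt"])
        bucket = "inactive" if last_seen < cutoff else "active"
        report[bucket].append(u["username"])
    return report

if __name__ == "__main__":
    now = datetime(2024, 6, 1, tzinfo=timezone.utc)  # fixed so the output is repeatable
    for bucket, names in classify(SAMPLE_USERS, now).items():
        print(f"{bucket}: {', '.join(names) or '-'}")
```

Reviewing the "inactive" list before anything is disabled keeps service or break-glass accounts, which may legitimately show no interactive logins, from being swept up.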
The solution decreased the number of active MuleSoft accounts by 20%, and, going forward, the list is perpetually up-to-date, clean, and secure. Additionally, the organization now has a manageable and repeatable process for ongoing account management that still allows widespread access to the organization’s MuleSoft implementation.