Making Policies Optional for a Single API in Mule 4

The blog will showcase how to create two API IDs for one single RAML, creating two main flows, and configuring different auto-discovery for both the flows with different API IDs.

We will apply both Oauth 2.0 and ClientIdEnforcement policy to the application. For that we did the following:

1. Created two APIs in the API manager from the same and common RAML. This will generate two API IDs.
2. Generate the flow from the RAML. Once the flow is generated we modified the flow by adding one more main flow in the application.
3. Configured auto-discovery for the individual main flows.

RAML:

API Manager:

HTTP Configuration:

Main Flows and Configurations

Flow 1:

Flow 2:

Global Configuration:

Properties file:

After all the configuration are done the implementation will look like as below:

ClientIdEnforcement is applied to Main flow 1 with API ID: 16425869

Oauth 2.0 is applied to Main flow 2 with API ID: 16450161

Now will perform a test and check how the applications work with different scenarios:

For Flow 1:

With Client Credentials: (Client ID and Secret enabled)

Without Client Credentials: (Client ID and Secret disabled)

When the Valid Client ID and Secret was provided the API returned with a valid response but when Client ID and Secret were not provided it returned an error.

For Flow 2:

With Oauth 2.0: (authorization enabled)

Without Oauth 2.0: (authorization disabled)

When the authorization with Valid Token was provided the API returned with a valid response but when the authorization was not provided it returned an error.

Note: We can also write custom policies to achieve the same but the blog is to showcase an additional option to achieve the same (but with two different URLs).