SlideShare a Scribd company logo

MuleSoft Integration with AWS Cognito Client Credentials and Mule JWT Validation Policy,MuleSoft as OAuth provider.Dedicated Load Balancer v/s Shared Load Balancer

Download as PPTX, PDF
Manish Kumar Yadav
Manish Kumar Yadav

1. Authorising MuleSoft APIs using AWS Cognito Client Credentials and Mule JWT Validation Policy. 2. MuleSoft AnyPoint Platform Identity Management using AWS Cognito Authorisation code. 3. MuleSoft as OAuth provider. 4. Dedicated Load Balancer v/s Shared Load Balancer. Dedicated Load Balancer Mapping Rules.

Technology
1 of 37
AWS Cognito and Mule JWT Validation Policy
All contents © MuleSoft Inc. What is AWS Cognito? 2 Amazon Cognito is a simple user identity and data synchronization service that helps you securely manage and synchronize app data for your users across their mobile devices. You can create unique identities for your users through a number of public login providers (Amazon, Facebook, and Google) and also support unauthenticated guests. You can save app data locally on users’ devices allowing your applications to work even when the devices are offline. With Amazon Cognito, you can save any kind of data in AWS Cloud, such as app preferences or game state, without writing any backend code or managing any infrastructure. This means you can focus on creating great app experiences instead of having to worry about building and managing a backend solution to handle identity management, network state, storage, and sync. Amazon Cognito User Pools is a standards-based Identity Provider and supports identity and access management standards, such as OAuth 2.0, SAML 2.0, and OpenID Connect. In addition to using the Amazon Cognito-specific user APIs to authenticate users, Amazon Cognito user pools also support the OAuth 2.0 authorization framework for authenticating users.
All contents © MuleSoft Inc. AWS Cognito Uses 3
All contents © MuleSoft Inc. Integrating AWS Cognito Authorization Code With MuleSoft API Manager 4 Authorization Code Grant The authorization code grant is the preferred method for authorizing end users. Instead of directly providing user pool tokens to an end-user upon authentication, an authorization code is provided. This code is then sent to a custom application that can exchange it for the desired tokens. Because the tokens are never exposed directly to an end-user, they are less likely to become compromised.
All contents © MuleSoft Inc. Integrating AWS Cognito Authorization Code With MuleSoft API Manager 5
All contents © MuleSoft Inc. Integrating AWS Cognito Client Credentials With MuleSoft API Manager 6 Client Credentials Grant The client credentials grant is much more straightforward. While the previous grants are intended to obtain tokens for end users, the client credentials grant is typically intended to provide credentials to an application in order to authorize machine-to-machine requests. Note that, to use the client credentials grant, the corresponding user pool app client must have an associated app client secret.
All contents © MuleSoft Inc. Integrating AWS Cognito Client Credentials With MuleSoft API Manager 7
All contents © MuleSoft Inc. JWT Validation Token 8 JSON Web Token (JWT) is a compact, URL-safe means of representing claims to be transferred between the two parties. The claims in a JWT are encoded as a JSON object that is used as the payload of a JSON Web Signature (JWS) structure or as the plaintext of a JSON Web Encryption (JWE) structure, enabling the claims to be digitally signed or integrity protected with a Message Authentication Code(MAC) and/or encrypted. ● JWTs are stateless, making tokens easier to manage. ● JWTs can be used to transfer claims securely between parties. ● JWTs are scalable. ○ The payload of a token can be expanded to increase new claims easily. ● JWTs are decoupled in nature allowing authentication to happen on a different server. ● The tokens are compact. JSON format makes the token less verbose than XML. The smaller size allows easier transmission over HTTP. ● JWTs are JSON-based and can be easily parsed by multiple receiving systems, especially mobiles. This enables an industry-wide adoption.
All contents © MuleSoft Inc. JWT Validation Token 9
All contents © MuleSoft Inc. JWT Validation Token 10
All contents © MuleSoft Inc. JWT Validation Token 11
All contents © MuleSoft Inc. JWT Token Algorithm 12 ● Symmetric algorithms – HMAC using SHA-256, SHA-384, and SHA-512. ● Asymmetric algorithms – RSA using SHA-256, SHA-384, and SHA-512. ● None – no signature validation.
Live Demonstration - AWS Cognito & Mule JWT Validation Policy
MuleSoft As OAuth Provider
All contents © MuleSoft Inc. MuleSoft as OAuth Provider 15 The OAuth2 Provider module allows a Mule runtime engine (Mule) app to be configured as an Authentication Manager in an OAuth2 dance. With this role, the application will be able to authenticate previously registered clients, grant tokens, validate tokens, or register and delete clients, all during the execution of a flow. MuleSoft supports various third party OAuth 2.0 providers as listed below ● Okta ● OpenID Connect ● Open AM ● PingFederate MuleSoft can be also used as an OAuth provider for securing the applications.
All contents © MuleSoft Inc. MuleSoft as OAuth Provider 16
All contents © MuleSoft Inc. MuleSoft as OAuth Provider 17
Live Demonstration - MuleSoft As OAuth Provider
MuleSoft Dedicated Load Balancer and Mapping Rules
All contents © MuleSoft Inc. MuleSoft Dedicated Load Balancer 20 The OAuth2 Provider module allows a Mule runtime engine (Mule) app to be configured as an Authentication Manager in an OAuth2 dance. With this role, the application will be able to authenticate previously registered clients, grant tokens, validate tokens, or register and delete clients, all during the execution of a flow. MuleSoft supports various third party OAuth 2.0 providers as listed below ● Okta ● OpenID Connect ● Open AM ● PingFederate MuleSoft can be also used as an OAuth provider for securing the applications.
All contents © MuleSoft Inc. MuleSoft Dedicated Load Balancer 21 Mapping rules are used on dedicated load balancers to translate input URI to call applications deployed on CloudHub. A pattern is a string that defines a template for matching an input text. Whatever value is placed within curly brackets ({ }) is treated as a variable. Variable names can contain only lowercase letters (a-z) and no other characters, including slashes. Let's consider that we have 2 DNS (i.e. api-dev.example.com and api-test.example.com) setup on a dedicated load balancer. api-dev.example.com is for the Dev environment whereas api-test.example.com is for the Test environment.
All contents © MuleSoft Inc. MuleSoft Dedicated Load Balancer - Use Case 1 22 Use Case 1 We are receiving requests on the DLB https://api-dev.example.com/ecommerce/v1.0/invoice and need to redirect them to http://org-ecommerce-api.cloudhub.io/v1.0/invoice (the CloudHub application name will be org-ecommerce-api) We can use this mapping rule to achieve this. This above rule will be applied when requests come on DLB and route to the CloudHub application in the VPC.
All contents © MuleSoft Inc. MuleSoft Dedicated Load Balancer - Use Case 1 23 https://api-dev.example.com/ecommerce/v1.0/invoice ==> http://org-ecommerce- api.cloudhub.io/v1.0/invoice
All contents © MuleSoft Inc. MuleSoft Dedicated Load Balancer - Use Case 1 24 But here we have some problems that on our DLB, we have set up 2 DNSs, one for Dev and another for Test. Now, how will the DLB know this is a request that needs to route to either the Dev or Test application because the same rule will be applied for both? To avoid this, we will be using a subdomain in the next use case.
All contents © MuleSoft Inc. MuleSoft Dedicated Load Balancer - Use Case 2 25 In this case, we will be using a subdomain for routing the request to the correct environment from DLB. Our application name format must be org-app-subdomain (e.g. org-ecommerce-api-dev for dev environment and org-ecommerce-api-test for test environment) when deploying to CloudHub workers in VPC . So, our mapping rule will look like this.
All contents © MuleSoft Inc. MuleSoft Dedicated Load Balancer - Use Case 2 26 subdomain is variable to map any subdomain. ● https://api-dev.example.com/ecommerce/v1.0/invoice (DLB) ==> http://org-ecommerce-api-dev.cloudhub.io/v1.0/invoice (CloudHub Dev Environment) ● https://api-test.example.com/ecommerce/v1.0/invoice (DLB) ==> http://org-ecommerce-api-test.cloudhub.io/v1.0/invoice (CloudHub Test Environment) subdomain is variable to map any subdomain. ● https://api-dev.example.com/ecommerce/v1.0/invoice (DLB) ==> http://org-ecommerce- api-dev.cloudhub.io/v1.0/invoice (CloudHub Dev Environment) ● https://api-test.example.com/ecommerce/v1.0/invoice (DLB) ==> http://org-ecommerce- api-test.cloudhub.io/v1.0/invoice (CloudHub Test Environment)
All contents © MuleSoft Inc. MuleSoft Dedicated Load Balancer - Use Case 2 27 subdomain is variable to map any subdomain. ● https://api-dev.example.com/ecommerce/v1.0/invoice (DLB) ==> http://org-ecommerce-api-dev.cloudhub.io/v1.0/invoice (CloudHub Dev Environment) ● https://api-test.example.com/ecommerce/v1.0/invoice (DLB) ==> http://org-ecommerce-api-test.cloudhub.io/v1.0/invoice (CloudHub Test Environment) subdomain is variable to map any subdomain. ● https://api-dev.example.com/ecommerce/v1.0/invoice (DLB) ==> http://org-ecommerce- api-dev.cloudhub.io/v1.0/invoice (CloudHub Dev Environment) ● https://api-test.example.com/ecommerce/v1.0/invoice (DLB) ==> http://org-ecommerce- api-test.cloudhub.io/v1.0/invoice (CloudHub Test Environment)
All contents © MuleSoft Inc. MuleSoft Dedicated Load Balancer - Use Case 2 28
All contents © MuleSoft Inc. MuleSoft Dedicated Load Balancer - Use Case 2 29 In this use case, we solve the issue of routing the request from DLB to the correct environment. Let's consider another scenario where you want to route the request to CloudHub on the basis of the application version. We will see this in the next use case.
All contents © MuleSoft Inc. MuleSoft Dedicated Load Balancer - Use Case 3 30 In this case, when we will deploy an application to CloudHub, and it will be in format org-app-subdomain- version (e.g. org-ecommerce-api-dev-v1-0 for Dev environment and org-ecommerce-api-test-v1-0 for Test environment). Whenever we will get request on DLB, then the version in the URL will be v1.0 and v2.0 but when you deploy application on CloudHub it doesn't allow to use "." in the application name. That is the reason we are using "- " in the version of the application deploying to CloudHub. So, our mapping rule will look like this.
All contents © MuleSoft Inc. MuleSoft Dedicated Load Balancer - Use Case 3 31 ● https://api-dev.example.com/ecommerce/v1.0/invoice (DLB) ==> http://org-ecommerce-api-dev- v1-0.cloudhub.io/v1.0/invoice (CloudHub Dev Environment) ● https://api-test.example.com/ecommerce/v1.0/invoice (DLB) ==> http://org-ecommerce-api-test- v1-0.cloudhub.io/v1.0/invoice (CloudHub Test Environment)
All contents © MuleSoft Inc. MuleSoft Dedicated Load Balancer - Use Case 3 32
All contents © MuleSoft Inc. MuleSoft Dedicated Load Balancer Rule Priority 33 DLB will apply the first matching rule regardless of more exact matching rules available. A rule defined first, at index 0 has higher priority against other rules defined after it. The higher the index assigned, the less priority the mapping rule has.
All contents © MuleSoft Inc. References - Articles 34 Implementing Mapping Rules With MuleSoft Dedicated Load Balancer https://dzone.com/articles/implementing-mapping-rules-with-mulesoft-dedicated Authorizing the MuleSoft API Using AWS Cognito User Pool and Mule JWT Validation Policy https://dzone.com/articles/authorizing-the-mulesoft-api-using-aws-cognito-use Implementing MuleSoft AnyPoint Platform Identity Management Using AWS Cognito Authorization Code https://dzone.com/articles/implementing-mulesoft-anypoint-platform-identity-m
All contents © MuleSoft Inc. References - Articles 35 Implementing MuleSoft as OAuth Provider for securing Mule Application https://dzone.com/articles/implementing-mulesoft-as-oauth-provider-for-securi
All contents © MuleSoft Inc. References - Videos 36 Implementing MuleSoft as OAuth Provider For Securing the MuleSoft Application https://youtu.be/IYKaps1ndxI Implementing MuleSoft AnyPoint Platform Identity Management Using AWS Cognito Authorization Code https://youtu.be/PGkORD1CPh8 Authorizing the MuleSoft API Using AWS Cognito User Pool and Mule JWT Validation Policy https://youtu.be/X4KXwzi5yoU
MuleSoft Integration with AWS Cognito Client Credentials and Mule JWT Validation Policy,MuleSoft as OAuth provider.Dedicated Load Balancer v/s Shared Load Balancer

Recommended

Joel Schuweiler_AWS IAM Identity Center (Single Sign On).pptx
Joel Schuweiler_AWS IAM Identity Center (Single Sign On).pptxJoel Schuweiler_AWS IAM Identity Center (Single Sign On).pptx
Joel Schuweiler_AWS IAM Identity Center (Single Sign On).pptxAWS Chicago
 
AWS IAM and security
AWS IAM and securityAWS IAM and security
AWS IAM and securityErik Paulsson
 
AWS IAM Introduction
AWS IAM IntroductionAWS IAM Introduction
AWS IAM IntroductionAmazon Web Services
 
AWS Security Week: Cloud-Scale Authentication & Advanced Authorization with A...
AWS Security Week: Cloud-Scale Authentication & Advanced Authorization with A...AWS Security Week: Cloud-Scale Authentication & Advanced Authorization with A...
AWS Security Week: Cloud-Scale Authentication & Advanced Authorization with A...Amazon Web Services
 
Amazon CloudFront 101
Amazon CloudFront 101Amazon CloudFront 101
Amazon CloudFront 101Amazon Web Services
 
Fundamentals of AWS Security
Fundamentals of AWS SecurityFundamentals of AWS Security
Fundamentals of AWS SecurityAmazon Web Services
 
AWS CloudFormation Masterclass
AWS CloudFormation MasterclassAWS CloudFormation Masterclass
AWS CloudFormation MasterclassAmazon Web Services
 
Amazon Cognito Deep Dive
Amazon Cognito Deep DiveAmazon Cognito Deep Dive
Amazon Cognito Deep DiveAmazon Web Services
 

Recommended

Joel Schuweiler_AWS IAM Identity Center (Single Sign On).pptx
Joel Schuweiler_AWS IAM Identity Center (Single Sign On).pptxJoel Schuweiler_AWS IAM Identity Center (Single Sign On).pptx
Joel Schuweiler_AWS IAM Identity Center (Single Sign On).pptxAWS Chicago
 
AWS IAM and security
AWS IAM and securityAWS IAM and security
AWS IAM and securityErik Paulsson
 
AWS IAM Introduction
AWS IAM IntroductionAWS IAM Introduction
AWS IAM IntroductionAmazon Web Services
 
AWS Security Week: Cloud-Scale Authentication & Advanced Authorization with A...
AWS Security Week: Cloud-Scale Authentication & Advanced Authorization with A...AWS Security Week: Cloud-Scale Authentication & Advanced Authorization with A...
AWS Security Week: Cloud-Scale Authentication & Advanced Authorization with A...Amazon Web Services
 
Amazon CloudFront 101
Amazon CloudFront 101Amazon CloudFront 101
Amazon CloudFront 101Amazon Web Services
 
Fundamentals of AWS Security
Fundamentals of AWS SecurityFundamentals of AWS Security
Fundamentals of AWS SecurityAmazon Web Services
 
AWS CloudFormation Masterclass
AWS CloudFormation MasterclassAWS CloudFormation Masterclass
AWS CloudFormation MasterclassAmazon Web Services
 
Amazon Cognito Deep Dive
Amazon Cognito Deep DiveAmazon Cognito Deep Dive
Amazon Cognito Deep DiveAmazon Web Services
 
AWS Security Best Practices
AWS Security Best PracticesAWS Security Best Practices
AWS Security Best PracticesAmazon Web Services
 
Introduction to AWS Security
Introduction to AWS SecurityIntroduction to AWS Security
Introduction to AWS SecurityAmazon Web Services
 
AWS Security Best Practices and Design Patterns
AWS Security Best Practices and Design PatternsAWS Security Best Practices and Design Patterns
AWS Security Best Practices and Design PatternsAmazon Web Services
 
Amazon ECS
Amazon ECSAmazon ECS
Amazon ECSAmazon Web Services
 
실전! AWS 하이브리드 네트워킹 (AWS Direct Connect 및 VPN 데모 세션) - 강동환, AWS 솔루션즈 아키텍트:: A...
실전! AWS 하이브리드 네트워킹 (AWS Direct Connect 및 VPN 데모 세션) - 강동환, AWS 솔루션즈 아키텍트:: A...실전! AWS 하이브리드 네트워킹 (AWS Direct Connect 및 VPN 데모 세션) - 강동환, AWS 솔루션즈 아키텍트:: A...
실전! AWS 하이브리드 네트워킹 (AWS Direct Connect 및 VPN 데모 세션) - 강동환, AWS 솔루션즈 아키텍트:: A...Amazon Web Services Korea
 
Using AWS Control Tower to govern multi-account AWS environments at scale - G...
Using AWS Control Tower to govern multi-account AWS environments at scale - G...Using AWS Control Tower to govern multi-account AWS environments at scale - G...
Using AWS Control Tower to govern multi-account AWS environments at scale - G...Amazon Web Services
 
Advanced Architectures with AWS Transit Gateway
Advanced Architectures with AWS Transit GatewayAdvanced Architectures with AWS Transit Gateway
Advanced Architectures with AWS Transit GatewayAmazon Web Services
 
AWS networking fundamentals
AWS networking fundamentalsAWS networking fundamentals
AWS networking fundamentalsAmazon Web Services
 
Amazon Route 53 - Webinar Presentation 9.16.2015
Amazon Route 53 - Webinar Presentation 9.16.2015Amazon Route 53 - Webinar Presentation 9.16.2015
Amazon Route 53 - Webinar Presentation 9.16.2015Amazon Web Services
 
Aws overview (Amazon Web Services)
Aws overview (Amazon Web Services)Aws overview (Amazon Web Services)
Aws overview (Amazon Web Services)Jatinder Randhawa
 
AWS 101: Introduction to AWS
AWS 101: Introduction to AWSAWS 101: Introduction to AWS
AWS 101: Introduction to AWSIan Massingham
 
Introduction to AWS Lambda and Serverless Applications
Introduction to AWS Lambda and Serverless ApplicationsIntroduction to AWS Lambda and Serverless Applications
Introduction to AWS Lambda and Serverless ApplicationsAmazon Web Services
 
AWS Control Tower
AWS Control TowerAWS Control Tower
AWS Control TowerCloudHesive
 
AWS Security Hub
AWS Security HubAWS Security Hub
AWS Security HubAmazon Web Services
 
Deep Dive on AWS Single Sign-On - AWS Online Tech Talks
Deep Dive on AWS Single Sign-On - AWS Online Tech TalksDeep Dive on AWS Single Sign-On - AWS Online Tech Talks
Deep Dive on AWS Single Sign-On - AWS Online Tech TalksAmazon Web Services
 
Network Security and Access Control within AWS
Network Security and Access Control within AWSNetwork Security and Access Control within AWS
Network Security and Access Control within AWSAmazon Web Services
 
What is AWS?
What is AWS?What is AWS?
What is AWS?Martin Yan
 
Secure Your Cloud Environment with Azure Active Directory (AD)
Secure Your Cloud Environment with Azure Active Directory (AD)Secure Your Cloud Environment with Azure Active Directory (AD)
Secure Your Cloud Environment with Azure Active Directory (AD)WinWire Technologies Inc
 
AWS IAM -- Notes of 20130403 Doc Version
AWS IAM -- Notes of 20130403 Doc VersionAWS IAM -- Notes of 20130403 Doc Version
AWS IAM -- Notes of 20130403 Doc VersionErnest Chiang
 
Deep Dive into AWS SAM
Deep Dive into AWS SAMDeep Dive into AWS SAM
Deep Dive into AWS SAMAmazon Web Services
 
Meet up slides_mumbai_21032020_final
Meet up slides_mumbai_21032020_finalMeet up slides_mumbai_21032020_final
Meet up slides_mumbai_21032020_finalAkshata Sawant
 
CCICI CIP 1.0 Testbed - Security access implementation and reference - v1.0
CCICI CIP 1.0 Testbed - Security access implementation and reference - v1.0CCICI CIP 1.0 Testbed - Security access implementation and reference - v1.0
CCICI CIP 1.0 Testbed - Security access implementation and reference - v1.0Krishna-Kumar
 

More Related Content

What's hot

AWS Security Best Practices and Design Patterns
AWS Security Best Practices and Design PatternsAWS Security Best Practices and Design Patterns
AWS Security Best Practices and Design PatternsAmazon Web Services
 
실전! AWS 하이브리드 네트워킹 (AWS Direct Connect 및 VPN 데모 세션) - 강동환, AWS 솔루션즈 아키텍트:: A...
실전! AWS 하이브리드 네트워킹 (AWS Direct Connect 및 VPN 데모 세션) - 강동환, AWS 솔루션즈 아키텍트:: A...실전! AWS 하이브리드 네트워킹 (AWS Direct Connect 및 VPN 데모 세션) - 강동환, AWS 솔루션즈 아키텍트:: A...
실전! AWS 하이브리드 네트워킹 (AWS Direct Connect 및 VPN 데모 세션) - 강동환, AWS 솔루션즈 아키텍트:: A...Amazon Web Services Korea
 
Using AWS Control Tower to govern multi-account AWS environments at scale - G...
Using AWS Control Tower to govern multi-account AWS environments at scale - G...Using AWS Control Tower to govern multi-account AWS environments at scale - G...
Using AWS Control Tower to govern multi-account AWS environments at scale - G...Amazon Web Services
 
Advanced Architectures with AWS Transit Gateway
Advanced Architectures with AWS Transit GatewayAdvanced Architectures with AWS Transit Gateway
Advanced Architectures with AWS Transit GatewayAmazon Web Services
 
Amazon Route 53 - Webinar Presentation 9.16.2015
Amazon Route 53 - Webinar Presentation 9.16.2015Amazon Route 53 - Webinar Presentation 9.16.2015
Amazon Route 53 - Webinar Presentation 9.16.2015Amazon Web Services
 
Aws overview (Amazon Web Services)
Aws overview (Amazon Web Services)Aws overview (Amazon Web Services)
Aws overview (Amazon Web Services)Jatinder Randhawa
 
AWS 101: Introduction to AWS
AWS 101: Introduction to AWSAWS 101: Introduction to AWS
AWS 101: Introduction to AWSIan Massingham
 
Introduction to AWS Lambda and Serverless Applications
Introduction to AWS Lambda and Serverless ApplicationsIntroduction to AWS Lambda and Serverless Applications
Introduction to AWS Lambda and Serverless ApplicationsAmazon Web Services
 
AWS Control Tower
AWS Control TowerAWS Control Tower
AWS Control TowerCloudHesive
 
Deep Dive on AWS Single Sign-On - AWS Online Tech Talks
Deep Dive on AWS Single Sign-On - AWS Online Tech TalksDeep Dive on AWS Single Sign-On - AWS Online Tech Talks
Deep Dive on AWS Single Sign-On - AWS Online Tech TalksAmazon Web Services
 
Network Security and Access Control within AWS
Network Security and Access Control within AWSNetwork Security and Access Control within AWS
Network Security and Access Control within AWSAmazon Web Services
 
Secure Your Cloud Environment with Azure Active Directory (AD)
Secure Your Cloud Environment with Azure Active Directory (AD)Secure Your Cloud Environment with Azure Active Directory (AD)
Secure Your Cloud Environment with Azure Active Directory (AD)WinWire Technologies Inc
 
AWS IAM -- Notes of 20130403 Doc Version
AWS IAM -- Notes of 20130403 Doc VersionAWS IAM -- Notes of 20130403 Doc Version
AWS IAM -- Notes of 20130403 Doc VersionErnest Chiang
 

What's hot (20)

AWS Security Best Practices
AWS Security Best PracticesAWS Security Best Practices
AWS Security Best Practices
 
Introduction to AWS Security
Introduction to AWS SecurityIntroduction to AWS Security
Introduction to AWS Security
 
AWS Security Best Practices and Design Patterns
AWS Security Best Practices and Design PatternsAWS Security Best Practices and Design Patterns
AWS Security Best Practices and Design Patterns
 
Amazon ECS
Amazon ECSAmazon ECS
Amazon ECS
 
실전! AWS 하이브리드 네트워킹 (AWS Direct Connect 및 VPN 데모 세션) - 강동환, AWS 솔루션즈 아키텍트:: A...
실전! AWS 하이브리드 네트워킹 (AWS Direct Connect 및 VPN 데모 세션) - 강동환, AWS 솔루션즈 아키텍트:: A...실전! AWS 하이브리드 네트워킹 (AWS Direct Connect 및 VPN 데모 세션) - 강동환, AWS 솔루션즈 아키텍트:: A...
실전! AWS 하이브리드 네트워킹 (AWS Direct Connect 및 VPN 데모 세션) - 강동환, AWS 솔루션즈 아키텍트:: A...
 
Using AWS Control Tower to govern multi-account AWS environments at scale - G...
Using AWS Control Tower to govern multi-account AWS environments at scale - G...Using AWS Control Tower to govern multi-account AWS environments at scale - G...
Using AWS Control Tower to govern multi-account AWS environments at scale - G...
 
Advanced Architectures with AWS Transit Gateway
Advanced Architectures with AWS Transit GatewayAdvanced Architectures with AWS Transit Gateway
Advanced Architectures with AWS Transit Gateway
 
AWS networking fundamentals
AWS networking fundamentalsAWS networking fundamentals
AWS networking fundamentals
 
Amazon Route 53 - Webinar Presentation 9.16.2015
Amazon Route 53 - Webinar Presentation 9.16.2015Amazon Route 53 - Webinar Presentation 9.16.2015
Amazon Route 53 - Webinar Presentation 9.16.2015
 
Aws overview (Amazon Web Services)
Aws overview (Amazon Web Services)Aws overview (Amazon Web Services)
Aws overview (Amazon Web Services)
 
AWS 101: Introduction to AWS
AWS 101: Introduction to AWSAWS 101: Introduction to AWS
AWS 101: Introduction to AWS
 
Introduction to AWS Lambda and Serverless Applications
Introduction to AWS Lambda and Serverless ApplicationsIntroduction to AWS Lambda and Serverless Applications
Introduction to AWS Lambda and Serverless Applications
 
AWS Control Tower
AWS Control TowerAWS Control Tower
AWS Control Tower
 
AWS Security Hub
AWS Security HubAWS Security Hub
AWS Security Hub
 
Deep Dive on AWS Single Sign-On - AWS Online Tech Talks
Deep Dive on AWS Single Sign-On - AWS Online Tech TalksDeep Dive on AWS Single Sign-On - AWS Online Tech Talks
Deep Dive on AWS Single Sign-On - AWS Online Tech Talks
 
Network Security and Access Control within AWS
Network Security and Access Control within AWSNetwork Security and Access Control within AWS
Network Security and Access Control within AWS
 
What is AWS?
What is AWS?What is AWS?
What is AWS?
 
Secure Your Cloud Environment with Azure Active Directory (AD)
Secure Your Cloud Environment with Azure Active Directory (AD)Secure Your Cloud Environment with Azure Active Directory (AD)
Secure Your Cloud Environment with Azure Active Directory (AD)
 
AWS IAM -- Notes of 20130403 Doc Version
AWS IAM -- Notes of 20130403 Doc VersionAWS IAM -- Notes of 20130403 Doc Version
AWS IAM -- Notes of 20130403 Doc Version
 
Deep Dive into AWS SAM
Deep Dive into AWS SAMDeep Dive into AWS SAM
Deep Dive into AWS SAM
 

Similar to MuleSoft Integration with AWS Cognito Client Credentials and Mule JWT Validation Policy,MuleSoft as OAuth provider.Dedicated Load Balancer v/s Shared Load Balancer

Meet up slides_mumbai_21032020_final
Meet up slides_mumbai_21032020_finalMeet up slides_mumbai_21032020_final
Meet up slides_mumbai_21032020_finalAkshata Sawant
 
CCICI CIP 1.0 Testbed - Security access implementation and reference - v1.0
CCICI CIP 1.0 Testbed - Security access implementation and reference - v1.0CCICI CIP 1.0 Testbed - Security access implementation and reference - v1.0
CCICI CIP 1.0 Testbed - Security access implementation and reference - v1.0Krishna-Kumar
 
MuleSoft Surat Virtual Meetup#25 - Anypoint Platform Features and Capabilitie...
MuleSoft Surat Virtual Meetup#25 - Anypoint Platform Features and Capabilitie...MuleSoft Surat Virtual Meetup#25 - Anypoint Platform Features and Capabilitie...
MuleSoft Surat Virtual Meetup#25 - Anypoint Platform Features and Capabilitie...Jitendra Bafna
 
MuleSoft Meetup Vancouver 5th Virtual Event
MuleSoft Meetup Vancouver 5th Virtual EventMuleSoft Meetup Vancouver 5th Virtual Event
MuleSoft Meetup Vancouver 5th Virtual EventVikalp Bhalia
 
Nashik MuleSoft Virtual Meetup#1 - Shared and Dedicated Load Balancer
Nashik MuleSoft Virtual Meetup#1 - Shared and Dedicated Load BalancerNashik MuleSoft Virtual Meetup#1 - Shared and Dedicated Load Balancer
Nashik MuleSoft Virtual Meetup#1 - Shared and Dedicated Load BalancerJitendra Bafna
 
Mulesoft Meetup Roma - CloudHub 2.0: a fully managed, containerized integrati...
Mulesoft Meetup Roma - CloudHub 2.0: a fully managed, containerized integrati...Mulesoft Meetup Roma - CloudHub 2.0: a fully managed, containerized integrati...
Mulesoft Meetup Roma - CloudHub 2.0: a fully managed, containerized integrati...Alfonso Martino
 
On prem to cloud hub migration (updated)
On prem to cloud hub migration (updated)On prem to cloud hub migration (updated)
On prem to cloud hub migration (updated)Sandeep Deshmukh
 
MuleSoft Surat Virtual Meetup#16 - Anypoint Deployment Option, API and Operat...
MuleSoft Surat Virtual Meetup#16 - Anypoint Deployment Option, API and Operat...MuleSoft Surat Virtual Meetup#16 - Anypoint Deployment Option, API and Operat...
MuleSoft Surat Virtual Meetup#16 - Anypoint Deployment Option, API and Operat...Jitendra Bafna
 
Spring boot microservice metrics monitoring
Spring boot microservice metrics monitoringSpring boot microservice metrics monitoring
Spring boot microservice metrics monitoringOracle Korea
 
Spring Boot - Microservice Metrics Monitoring
Spring Boot - Microservice Metrics MonitoringSpring Boot - Microservice Metrics Monitoring
Spring Boot - Microservice Metrics MonitoringDonghuKIM2
 
IBM Hybrid Cloud Integration UCC Talk, 21st November 2018
IBM Hybrid Cloud Integration UCC Talk, 21st November 2018IBM Hybrid Cloud Integration UCC Talk, 21st November 2018
IBM Hybrid Cloud Integration UCC Talk, 21st November 2018Michael O'Sullivan
 
Aws cloud migration_realestatedesign
Aws cloud migration_realestatedesignAws cloud migration_realestatedesign
Aws cloud migration_realestatedesignAnita Luthra
 
Scalable Deployment Patterns in WSO2 API Manager
Scalable Deployment Patterns in WSO2 API Manager Scalable Deployment Patterns in WSO2 API Manager
Scalable Deployment Patterns in WSO2 API Manager WSO2
 
Refactoring Web Services on AWS cloud (PaaS & SaaS)
Refactoring Web Services on AWS cloud (PaaS & SaaS)Refactoring Web Services on AWS cloud (PaaS & SaaS)
Refactoring Web Services on AWS cloud (PaaS & SaaS)IRJET Journal
 
AWS CodeDeploy: Manage Deployment Complexity
AWS CodeDeploy: Manage Deployment ComplexityAWS CodeDeploy: Manage Deployment Complexity
AWS CodeDeploy: Manage Deployment ComplexityAmazon Web Services
 
Introduction to the WSO2 Identity Server &Contributing to an OS Project
Introduction to the WSO2 Identity Server &Contributing to an OS ProjectIntroduction to the WSO2 Identity Server &Contributing to an OS Project
Introduction to the WSO2 Identity Server &Contributing to an OS ProjectMichael J Geiser
 
quickguide-einnovator-4-cloudfoundry
quickguide-einnovator-4-cloudfoundryquickguide-einnovator-4-cloudfoundry
quickguide-einnovator-4-cloudfoundryjorgesimao71
 

Similar to MuleSoft Integration with AWS Cognito Client Credentials and Mule JWT Validation Policy,MuleSoft as OAuth provider.Dedicated Load Balancer v/s Shared Load Balancer (20)

Meet up slides_mumbai_21032020_final
Meet up slides_mumbai_21032020_finalMeet up slides_mumbai_21032020_final
Meet up slides_mumbai_21032020_final
 
CCICI CIP 1.0 Testbed - Security access implementation and reference - v1.0
CCICI CIP 1.0 Testbed - Security access implementation and reference - v1.0CCICI CIP 1.0 Testbed - Security access implementation and reference - v1.0
CCICI CIP 1.0 Testbed - Security access implementation and reference - v1.0
 
MuleSoft Surat Virtual Meetup#25 - Anypoint Platform Features and Capabilitie...
MuleSoft Surat Virtual Meetup#25 - Anypoint Platform Features and Capabilitie...MuleSoft Surat Virtual Meetup#25 - Anypoint Platform Features and Capabilitie...
MuleSoft Surat Virtual Meetup#25 - Anypoint Platform Features and Capabilitie...
 
MuleSoft Meetup Vancouver 5th Virtual Event
MuleSoft Meetup Vancouver 5th Virtual EventMuleSoft Meetup Vancouver 5th Virtual Event
MuleSoft Meetup Vancouver 5th Virtual Event
 
Nashik MuleSoft Virtual Meetup#1 - Shared and Dedicated Load Balancer
Nashik MuleSoft Virtual Meetup#1 - Shared and Dedicated Load BalancerNashik MuleSoft Virtual Meetup#1 - Shared and Dedicated Load Balancer
Nashik MuleSoft Virtual Meetup#1 - Shared and Dedicated Load Balancer
 
Mulesoft Meetup Roma - CloudHub 2.0: a fully managed, containerized integrati...
Mulesoft Meetup Roma - CloudHub 2.0: a fully managed, containerized integrati...Mulesoft Meetup Roma - CloudHub 2.0: a fully managed, containerized integrati...
Mulesoft Meetup Roma - CloudHub 2.0: a fully managed, containerized integrati...
 
On prem to cloud hub migration (updated)
On prem to cloud hub migration (updated)On prem to cloud hub migration (updated)
On prem to cloud hub migration (updated)
 
MuleSoft Surat Virtual Meetup#16 - Anypoint Deployment Option, API and Operat...
MuleSoft Surat Virtual Meetup#16 - Anypoint Deployment Option, API and Operat...MuleSoft Surat Virtual Meetup#16 - Anypoint Deployment Option, API and Operat...
MuleSoft Surat Virtual Meetup#16 - Anypoint Deployment Option, API and Operat...
 
Spring boot microservice metrics monitoring
Spring boot microservice metrics monitoringSpring boot microservice metrics monitoring
Spring boot microservice metrics monitoring
 
Spring Boot - Microservice Metrics Monitoring
Spring Boot - Microservice Metrics MonitoringSpring Boot - Microservice Metrics Monitoring
Spring Boot - Microservice Metrics Monitoring
 
IBM Hybrid Cloud Integration UCC Talk, 21st November 2018
IBM Hybrid Cloud Integration UCC Talk, 21st November 2018IBM Hybrid Cloud Integration UCC Talk, 21st November 2018
IBM Hybrid Cloud Integration UCC Talk, 21st November 2018
 
Aws cloud migration_realestatedesign
Aws cloud migration_realestatedesignAws cloud migration_realestatedesign
Aws cloud migration_realestatedesign
 
Scalable Deployment Patterns in WSO2 API Manager
Scalable Deployment Patterns in WSO2 API Manager Scalable Deployment Patterns in WSO2 API Manager
Scalable Deployment Patterns in WSO2 API Manager
 
Refactoring Web Services on AWS cloud (PaaS & SaaS)
Refactoring Web Services on AWS cloud (PaaS & SaaS)Refactoring Web Services on AWS cloud (PaaS & SaaS)
Refactoring Web Services on AWS cloud (PaaS & SaaS)
 
Cloud APIs Overview Tucker
Cloud APIs Overview TuckerCloud APIs Overview Tucker
Cloud APIs Overview Tucker
 
AWS CodeDeploy: Manage Deployment Complexity
AWS CodeDeploy: Manage Deployment ComplexityAWS CodeDeploy: Manage Deployment Complexity
AWS CodeDeploy: Manage Deployment Complexity
 
App Service Web
App Service WebApp Service Web
App Service Web
 
CC ASSIGNMENT 01.docx
CC ASSIGNMENT 01.docxCC ASSIGNMENT 01.docx
CC ASSIGNMENT 01.docx
 
Introduction to the WSO2 Identity Server &Contributing to an OS Project
Introduction to the WSO2 Identity Server &Contributing to an OS ProjectIntroduction to the WSO2 Identity Server &Contributing to an OS Project
Introduction to the WSO2 Identity Server &Contributing to an OS Project
 
quickguide-einnovator-4-cloudfoundry
quickguide-einnovator-4-cloudfoundryquickguide-einnovator-4-cloudfoundry
quickguide-einnovator-4-cloudfoundry
 

More from Manish Kumar Yadav

Building Custom Connectors Using XML SDK in Mule 4
Building Custom Connectors Using XML SDK in Mule 4Building Custom Connectors Using XML SDK in Mule 4
Building Custom Connectors Using XML SDK in Mule 4Manish Kumar Yadav
 
Solace PubSub+ MuleSoft Connector for Mule 4
Solace PubSub+ MuleSoft Connector for Mule 4Solace PubSub+ MuleSoft Connector for Mule 4
Solace PubSub+ MuleSoft Connector for Mule 4Manish Kumar Yadav
 
Creating MuleSoft API Template Project Using Maven Archetype
Creating MuleSoft API Template Project Using Maven ArchetypeCreating MuleSoft API Template Project Using Maven Archetype
Creating MuleSoft API Template Project Using Maven ArchetypeManish Kumar Yadav
 
MuleSoft Meetup slides_kualalumpur_19thSept_Undisturbed REST: Achieving Undis...
MuleSoft Meetup slides_kualalumpur_19thSept_Undisturbed REST: Achieving Undis...MuleSoft Meetup slides_kualalumpur_19thSept_Undisturbed REST: Achieving Undis...
MuleSoft Meetup slides_kualalumpur_19thSept_Undisturbed REST: Achieving Undis...Manish Kumar Yadav
 
MuleSoft Clustring, Okta, CI/CD Integration with Jenkins
MuleSoft Clustring, Okta, CI/CD Integration with JenkinsMuleSoft Clustring, Okta, CI/CD Integration with Jenkins
MuleSoft Clustring, Okta, CI/CD Integration with JenkinsManish Kumar Yadav
 
Mulesoft meetup slides mumbai_20113019_exception_handling
Mulesoft meetup slides mumbai_20113019_exception_handlingMulesoft meetup slides mumbai_20113019_exception_handling
Mulesoft meetup slides mumbai_20113019_exception_handlingManish Kumar Yadav
 
Power of Transformation with DataWeave 2.X Engine
Power of Transformation with DataWeave 2.X EnginePower of Transformation with DataWeave 2.X Engine
Power of Transformation with DataWeave 2.X EngineManish Kumar Yadav
 
Mumbai MuleSoft Meetup:Batch Processing, Anypoint Messaging Queue and Custom ...
Mumbai MuleSoft Meetup:Batch Processing, Anypoint Messaging Queue and Custom ...Mumbai MuleSoft Meetup:Batch Processing, Anypoint Messaging Queue and Custom ...
Mumbai MuleSoft Meetup:Batch Processing, Anypoint Messaging Queue and Custom ...Manish Kumar Yadav
 
Clustering, Server setup and Hybrid deployment setup using Anypoint Runtime M...
Clustering, Server setup and Hybrid deployment setup using Anypoint Runtime M...Clustering, Server setup and Hybrid deployment setup using Anypoint Runtime M...
Clustering, Server setup and Hybrid deployment setup using Anypoint Runtime M...Manish Kumar Yadav
 
MuleSoft Meetup Mumbai Mule 4 Presentation Slide
MuleSoft Meetup Mumbai Mule 4 Presentation SlideMuleSoft Meetup Mumbai Mule 4 Presentation Slide
MuleSoft Meetup Mumbai Mule 4 Presentation SlideManish Kumar Yadav
 

More from Manish Kumar Yadav (10)

Building Custom Connectors Using XML SDK in Mule 4
Building Custom Connectors Using XML SDK in Mule 4Building Custom Connectors Using XML SDK in Mule 4
Building Custom Connectors Using XML SDK in Mule 4
 
Solace PubSub+ MuleSoft Connector for Mule 4
Solace PubSub+ MuleSoft Connector for Mule 4Solace PubSub+ MuleSoft Connector for Mule 4
Solace PubSub+ MuleSoft Connector for Mule 4
 
Creating MuleSoft API Template Project Using Maven Archetype
Creating MuleSoft API Template Project Using Maven ArchetypeCreating MuleSoft API Template Project Using Maven Archetype
Creating MuleSoft API Template Project Using Maven Archetype
 
MuleSoft Meetup slides_kualalumpur_19thSept_Undisturbed REST: Achieving Undis...
MuleSoft Meetup slides_kualalumpur_19thSept_Undisturbed REST: Achieving Undis...MuleSoft Meetup slides_kualalumpur_19thSept_Undisturbed REST: Achieving Undis...
MuleSoft Meetup slides_kualalumpur_19thSept_Undisturbed REST: Achieving Undis...
 
MuleSoft Clustring, Okta, CI/CD Integration with Jenkins
MuleSoft Clustring, Okta, CI/CD Integration with JenkinsMuleSoft Clustring, Okta, CI/CD Integration with Jenkins
MuleSoft Clustring, Okta, CI/CD Integration with Jenkins
 
Mulesoft meetup slides mumbai_20113019_exception_handling
Mulesoft meetup slides mumbai_20113019_exception_handlingMulesoft meetup slides mumbai_20113019_exception_handling
Mulesoft meetup slides mumbai_20113019_exception_handling
 
Power of Transformation with DataWeave 2.X Engine
Power of Transformation with DataWeave 2.X EnginePower of Transformation with DataWeave 2.X Engine
Power of Transformation with DataWeave 2.X Engine
 
Mumbai MuleSoft Meetup:Batch Processing, Anypoint Messaging Queue and Custom ...
Mumbai MuleSoft Meetup:Batch Processing, Anypoint Messaging Queue and Custom ...Mumbai MuleSoft Meetup:Batch Processing, Anypoint Messaging Queue and Custom ...
Mumbai MuleSoft Meetup:Batch Processing, Anypoint Messaging Queue and Custom ...
 
Clustering, Server setup and Hybrid deployment setup using Anypoint Runtime M...
Clustering, Server setup and Hybrid deployment setup using Anypoint Runtime M...Clustering, Server setup and Hybrid deployment setup using Anypoint Runtime M...
Clustering, Server setup and Hybrid deployment setup using Anypoint Runtime M...
 
MuleSoft Meetup Mumbai Mule 4 Presentation Slide
MuleSoft Meetup Mumbai Mule 4 Presentation SlideMuleSoft Meetup Mumbai Mule 4 Presentation Slide
MuleSoft Meetup Mumbai Mule 4 Presentation Slide
 

Recently uploaded

The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machinePadma Pradeep
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubKalema Edgar
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsRizwan Syed
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 3652toLead Limited
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024Scott Keck-Warren
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationRidwan Fadjar
 
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024BookNet Canada
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...shyamraj55
 
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Enterprise Knowledge
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationSafe Software
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupFlorian Wilhelm
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsMark Billinghurst
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Mattias Andersson
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitecturePixlogix Infotech
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):comworks
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Allon Mureinik
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxOnBoard
 

Recently uploaded (20)

The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machine
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding Club
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL Certs
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
 
The transition to renewables in India.pdf
The transition to renewables in India.pdfThe transition to renewables in India.pdf
The transition to renewables in India.pdf
 
DMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special EditionDMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special Edition
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 Presentation
 
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
 
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project Setup
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC Architecture
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptx
 

MuleSoft Integration with AWS Cognito Client Credentials and Mule JWT Validation Policy,MuleSoft as OAuth provider.Dedicated Load Balancer v/s Shared Load Balancer

  • 1. AWS Cognito and Mule JWT Validation Policy
  • 2. All contents © MuleSoft Inc. What is AWS Cognito? 2 Amazon Cognito is a simple user identity and data synchronization service that helps you securely manage and synchronize app data for your users across their mobile devices. You can create unique identities for your users through a number of public login providers (Amazon, Facebook, and Google) and also support unauthenticated guests. You can save app data locally on users’ devices allowing your applications to work even when the devices are offline. With Amazon Cognito, you can save any kind of data in AWS Cloud, such as app preferences or game state, without writing any backend code or managing any infrastructure. This means you can focus on creating great app experiences instead of having to worry about building and managing a backend solution to handle identity management, network state, storage, and sync. Amazon Cognito User Pools is a standards-based Identity Provider and supports identity and access management standards, such as OAuth 2.0, SAML 2.0, and OpenID Connect. In addition to using the Amazon Cognito-specific user APIs to authenticate users, Amazon Cognito user pools also support the OAuth 2.0 authorization framework for authenticating users.
  • 3. All contents © MuleSoft Inc. AWS Cognito Uses 3
  • 4. All contents © MuleSoft Inc. Integrating AWS Cognito Authorization Code With MuleSoft API Manager 4 Authorization Code Grant The authorization code grant is the preferred method for authorizing end users. Instead of directly providing user pool tokens to an end-user upon authentication, an authorization code is provided. This code is then sent to a custom application that can exchange it for the desired tokens. Because the tokens are never exposed directly to an end-user, they are less likely to become compromised.
  • 5. All contents © MuleSoft Inc. Integrating AWS Cognito Authorization Code With MuleSoft API Manager 5
  • 6. All contents © MuleSoft Inc. Integrating AWS Cognito Client Credentials With MuleSoft API Manager 6 Client Credentials Grant The client credentials grant is much more straightforward. While the previous grants are intended to obtain tokens for end users, the client credentials grant is typically intended to provide credentials to an application in order to authorize machine-to-machine requests. Note that, to use the client credentials grant, the corresponding user pool app client must have an associated app client secret.
  • 7. All contents © MuleSoft Inc. Integrating AWS Cognito Client Credentials With MuleSoft API Manager 7
  • 8. All contents © MuleSoft Inc. JWT Validation Token 8 JSON Web Token (JWT) is a compact, URL-safe means of representing claims to be transferred between the two parties. The claims in a JWT are encoded as a JSON object that is used as the payload of a JSON Web Signature (JWS) structure or as the plaintext of a JSON Web Encryption (JWE) structure, enabling the claims to be digitally signed or integrity protected with a Message Authentication Code(MAC) and/or encrypted. ● JWTs are stateless, making tokens easier to manage. ● JWTs can be used to transfer claims securely between parties. ● JWTs are scalable. ○ The payload of a token can be expanded to increase new claims easily. ● JWTs are decoupled in nature allowing authentication to happen on a different server. ● The tokens are compact. JSON format makes the token less verbose than XML. The smaller size allows easier transmission over HTTP. ● JWTs are JSON-based and can be easily parsed by multiple receiving systems, especially mobiles. This enables an industry-wide adoption.
  • 9. All contents © MuleSoft Inc. JWT Validation Token 9
  • 10. All contents © MuleSoft Inc. JWT Validation Token 10
  • 11. All contents © MuleSoft Inc. JWT Validation Token 11
  • 12. All contents © MuleSoft Inc. JWT Token Algorithm 12 ● Symmetric algorithms – HMAC using SHA-256, SHA-384, and SHA-512. ● Asymmetric algorithms – RSA using SHA-256, SHA-384, and SHA-512. ● None – no signature validation.
  • 13. Live Demonstration - AWS Cognito & Mule JWT Validation Policy
  • 14. MuleSoft As OAuth Provider
  • 15. All contents © MuleSoft Inc. MuleSoft as OAuth Provider 15 The OAuth2 Provider module allows a Mule runtime engine (Mule) app to be configured as an Authentication Manager in an OAuth2 dance. With this role, the application will be able to authenticate previously registered clients, grant tokens, validate tokens, or register and delete clients, all during the execution of a flow. MuleSoft supports various third party OAuth 2.0 providers as listed below ● Okta ● OpenID Connect ● Open AM ● PingFederate MuleSoft can be also used as an OAuth provider for securing the applications.
  • 16. All contents © MuleSoft Inc. MuleSoft as OAuth Provider 16
  • 17. All contents © MuleSoft Inc. MuleSoft as OAuth Provider 17
  • 18. Live Demonstration - MuleSoft As OAuth Provider
  • 19. MuleSoft Dedicated Load Balancer and Mapping Rules
  • 20. All contents © MuleSoft Inc. MuleSoft Dedicated Load Balancer 20 The OAuth2 Provider module allows a Mule runtime engine (Mule) app to be configured as an Authentication Manager in an OAuth2 dance. With this role, the application will be able to authenticate previously registered clients, grant tokens, validate tokens, or register and delete clients, all during the execution of a flow. MuleSoft supports various third party OAuth 2.0 providers as listed below ● Okta ● OpenID Connect ● Open AM ● PingFederate MuleSoft can be also used as an OAuth provider for securing the applications.
  • 21. All contents © MuleSoft Inc. MuleSoft Dedicated Load Balancer 21 Mapping rules are used on dedicated load balancers to translate input URI to call applications deployed on CloudHub. A pattern is a string that defines a template for matching an input text. Whatever value is placed within curly brackets ({ }) is treated as a variable. Variable names can contain only lowercase letters (a-z) and no other characters, including slashes. Let's consider that we have 2 DNS (i.e. api-dev.example.com and api-test.example.com) setup on a dedicated load balancer. api-dev.example.com is for the Dev environment whereas api-test.example.com is for the Test environment.
  • 22. All contents © MuleSoft Inc. MuleSoft Dedicated Load Balancer - Use Case 1 22 Use Case 1 We are receiving requests on the DLB https://api-dev.example.com/ecommerce/v1.0/invoice and need to redirect them to http://org-ecommerce-api.cloudhub.io/v1.0/invoice (the CloudHub application name will be org-ecommerce-api) We can use this mapping rule to achieve this. This above rule will be applied when requests come on DLB and route to the CloudHub application in the VPC.
  • 23. All contents © MuleSoft Inc. MuleSoft Dedicated Load Balancer - Use Case 1 23 https://api-dev.example.com/ecommerce/v1.0/invoice ==> http://org-ecommerce- api.cloudhub.io/v1.0/invoice
  • 24. All contents © MuleSoft Inc. MuleSoft Dedicated Load Balancer - Use Case 1 24 But here we have some problems that on our DLB, we have set up 2 DNSs, one for Dev and another for Test. Now, how will the DLB know this is a request that needs to route to either the Dev or Test application because the same rule will be applied for both? To avoid this, we will be using a subdomain in the next use case.
  • 25. All contents © MuleSoft Inc. MuleSoft Dedicated Load Balancer - Use Case 2 25 In this case, we will be using a subdomain for routing the request to the correct environment from DLB. Our application name format must be org-app-subdomain (e.g. org-ecommerce-api-dev for dev environment and org-ecommerce-api-test for test environment) when deploying to CloudHub workers in VPC . So, our mapping rule will look like this.
  • 26. All contents © MuleSoft Inc. MuleSoft Dedicated Load Balancer - Use Case 2 26 subdomain is variable to map any subdomain. ● https://api-dev.example.com/ecommerce/v1.0/invoice (DLB) ==> http://org-ecommerce-api-dev.cloudhub.io/v1.0/invoice (CloudHub Dev Environment) ● https://api-test.example.com/ecommerce/v1.0/invoice (DLB) ==> http://org-ecommerce-api-test.cloudhub.io/v1.0/invoice (CloudHub Test Environment) subdomain is variable to map any subdomain. ● https://api-dev.example.com/ecommerce/v1.0/invoice (DLB) ==> http://org-ecommerce- api-dev.cloudhub.io/v1.0/invoice (CloudHub Dev Environment) ● https://api-test.example.com/ecommerce/v1.0/invoice (DLB) ==> http://org-ecommerce- api-test.cloudhub.io/v1.0/invoice (CloudHub Test Environment)
  • 27. All contents © MuleSoft Inc. MuleSoft Dedicated Load Balancer - Use Case 2 27 subdomain is variable to map any subdomain. ● https://api-dev.example.com/ecommerce/v1.0/invoice (DLB) ==> http://org-ecommerce-api-dev.cloudhub.io/v1.0/invoice (CloudHub Dev Environment) ● https://api-test.example.com/ecommerce/v1.0/invoice (DLB) ==> http://org-ecommerce-api-test.cloudhub.io/v1.0/invoice (CloudHub Test Environment) subdomain is variable to map any subdomain. ● https://api-dev.example.com/ecommerce/v1.0/invoice (DLB) ==> http://org-ecommerce- api-dev.cloudhub.io/v1.0/invoice (CloudHub Dev Environment) ● https://api-test.example.com/ecommerce/v1.0/invoice (DLB) ==> http://org-ecommerce- api-test.cloudhub.io/v1.0/invoice (CloudHub Test Environment)
  • 28. All contents © MuleSoft Inc. MuleSoft Dedicated Load Balancer - Use Case 2 28
  • 29. All contents © MuleSoft Inc. MuleSoft Dedicated Load Balancer - Use Case 2 29 In this use case, we solve the issue of routing the request from DLB to the correct environment. Let's consider another scenario where you want to route the request to CloudHub on the basis of the application version. We will see this in the next use case.
  • 30. All contents © MuleSoft Inc. MuleSoft Dedicated Load Balancer - Use Case 3 30 In this case, when we will deploy an application to CloudHub, and it will be in format org-app-subdomain- version (e.g. org-ecommerce-api-dev-v1-0 for Dev environment and org-ecommerce-api-test-v1-0 for Test environment). Whenever we will get request on DLB, then the version in the URL will be v1.0 and v2.0 but when you deploy application on CloudHub it doesn't allow to use "." in the application name. That is the reason we are using "- " in the version of the application deploying to CloudHub. So, our mapping rule will look like this.
  • 31. All contents © MuleSoft Inc. MuleSoft Dedicated Load Balancer - Use Case 3 31 ● https://api-dev.example.com/ecommerce/v1.0/invoice (DLB) ==> http://org-ecommerce-api-dev- v1-0.cloudhub.io/v1.0/invoice (CloudHub Dev Environment) ● https://api-test.example.com/ecommerce/v1.0/invoice (DLB) ==> http://org-ecommerce-api-test- v1-0.cloudhub.io/v1.0/invoice (CloudHub Test Environment)
  • 32. All contents © MuleSoft Inc. MuleSoft Dedicated Load Balancer - Use Case 3 32
  • 33. All contents © MuleSoft Inc. MuleSoft Dedicated Load Balancer Rule Priority 33 DLB will apply the first matching rule regardless of more exact matching rules available. A rule defined first, at index 0 has higher priority against other rules defined after it. The higher the index assigned, the less priority the mapping rule has.
  • 34. All contents © MuleSoft Inc. References - Articles 34 Implementing Mapping Rules With MuleSoft Dedicated Load Balancer https://dzone.com/articles/implementing-mapping-rules-with-mulesoft-dedicated Authorizing the MuleSoft API Using AWS Cognito User Pool and Mule JWT Validation Policy https://dzone.com/articles/authorizing-the-mulesoft-api-using-aws-cognito-use Implementing MuleSoft AnyPoint Platform Identity Management Using AWS Cognito Authorization Code https://dzone.com/articles/implementing-mulesoft-anypoint-platform-identity-m
  • 35. All contents © MuleSoft Inc. References - Articles 35 Implementing MuleSoft as OAuth Provider for securing Mule Application https://dzone.com/articles/implementing-mulesoft-as-oauth-provider-for-securi
  • 36. All contents © MuleSoft Inc. References - Videos 36 Implementing MuleSoft as OAuth Provider For Securing the MuleSoft Application https://youtu.be/IYKaps1ndxI Implementing MuleSoft AnyPoint Platform Identity Management Using AWS Cognito Authorization Code https://youtu.be/PGkORD1CPh8 Authorizing the MuleSoft API Using AWS Cognito User Pool and Mule JWT Validation Policy https://youtu.be/X4KXwzi5yoU