Handling access tokens of Multitenant Applications with Mule ESB


This is a follow up post of  my previous “Using OAuth2 in multitenant applications with Mule ESB”  in which we said that now Mule is smart at automatically handling your tokens. So, in a single tenant scenario you could just do this:

In this case, Mule will automatically handle your tokens by using the connector’s config name (in this case “mySalesForceConnector“) as the token id.

This is not enough for the multitenant case, since different tenants need to have different token ids (otherwise user1 could end up entering user2’s account and everything would be a big mess). So, we added the possibility to force a token id while doing authorization. The same example would look like this:

This is great but imagine a reeaallly large app in which you make extensive use of the Salesforce connector and your token id could always be obtained by the same expression (in our case #[message.inboundProperties[‘tenantId’]]). In such an scenario, it would be quite annoying having to repeat the same expression in every single message processor. Not to mention that if for any reason that expression changes, you would have a lot of places to modify.

Repetition: Worst thing can happen to an artist

So yes, the problem here is repetition. Nothing like a good old default value to fix this. So basically, the big little change in BigHorn is this:

This is how it works:

  • Each time an OAuth2 protected operation is found (and this includes the authorize) we check if the message processor has its own accessTokenId expression. If it does, we evaluate it and use it.
  • If the message processor didn’t provide its own token id, then we look for the default. If there is a default, then we evaluate the expression and use it.
  • If no defaultExpression was found either, then we just use the connector’s config name.

Neat isn’t it? But that’s too much XML. Can I do this in Studio? Sure! He’re is how:

So, nothing more to say than thank you! This is a feature straight from your feedback. If you have more, please bring it on!


Mariano Gonzalez

I first started working on the IT industry in 2001 and I've been working as software architect and team leader since 2006, mainly on BPM/ERP applications for industries in the agriculture, energy, government, IT, telecom and content management industries, serving roles of Team Leader and software architect. Since 2011, I also started to specialize in SaaS applications and integration on the Cloud. I have a strong orientation to both, software architecturing and design as for team management, I'm constantly looking for challenges that allows me to develop and increase my social and technical skills

You may also like...

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>