Transcript for:
Using Mule OAuth Provider

Hello friends, my name is eternal Bhavna. Today we are going to see how you can use MuleSoft as an OAuth provider. There are various third-party OAuth providers supported by MuleSoft, like Okta, OpenAM; there is AWS Cognito, Windows Azure is there. So there are various third-party OAuth providers supported by MuleSoft, but in case somebody wants to use MuleSoft as their OAuth provider, it is possible. So we are going to see in this video how it is possible.

Okay, so let me do one thing. First we will create one small application. I say File, New, Mule Project. I will say mule OAuth provider, simply say finish. Before you start writing your flow, you need to go to Exchange and download some of the OAuth provider modules. So go to Exchange, say OAuth, simply the OAuth provider module. We will also require the Object Store for storing the tokens and the clients, and I will simply say finish.

Okay, now I will go to Global Elements. In Global Elements I will create two object stores: one is for storing the clients and one is for storing the tokens. It should be a persistent object store too. Let me search for Object Store. So I will get the Object Store. One is for storing the clients, so I will say client OS; I will keep it as a persistent object store. Now second, I will create a token object store, token OS. Okay, I will keep this as persistent.

Now I have to configure the OAuth provider. Let me search; this is the OAuth2 Provider config. These are the very important settings. The first thing you have to do is the listener config; that is a simple HTTP listener, I will keep all as it is. Okay, let's wait. So, HTTP listener configuration, fine. Now we have to provide the client store, that is the client object store which we have created, and the supported grant types. We are going to use client credentials. There are various grant types: authorization code, there's client credentials, there's implicit. So we will use client credentials. So
client credentials is a simpler OAuth grant type, where basically you pass the client ID and client secret, you get a token back, and you can pass that token in the Authorization header to get your request authorized. Client credentials, okay. You don't have to pass any scopes; you can pass them if you want. Now you want the token URL. Basically my token URL will be /token, and you have to give the token object store, so basically it will store, or persist, all the tokens which are generated here. The token TTL will be around 86,400 seconds; you can reduce it as per your requirement. Okay.

Let me go through all the settings again. Basically, what we have done: we have set up the HTTP listener config, we have defined the object store. You can define the scopes you want; I don't want any scopes right now. And token and all those things; this is my token URL. So once you create a client, the client ID and client secret, to generate a token you pass the client ID and client secret to the token URL, and the token URL will give the token back to you. Simply say OK. These are the settings we have to do in the global elements.

Now we have to generate the client ID and client secret, so we will create that flow. We will have an HTTP listener; in the path I can say create client. Okay, now in the OAuth module there is something called Create client. The OAuth provider has a Create client. This is very useful in generating the client ID and the client secret and storing them into the client object store. So from here you can get a client ID: I can get the client ID from attributes dot header dot client ID. Copy this, paste it in client secret, paste it in. Just open this, open this, change the name to client ID, client secret. This client name is not that important. Description you can keep empty, principal you can keep empty. You can define the redirect URLs as an array, so I will just say abc.com. This is basically used for authorization code, not required
here. Now grant type: I will just allow client credentials. Scopes I will keep as it is, fail if present. So these are the settings you need to do for Create client. Okay, there is one more setting, type; you change this type to confidential. Now the other thing, Set Payload: here I can say client created. This is one flow.

Now we want to create the validate token flow, where we are going to validate the token. For that we will require one more HTTP listener; just drag and drop it from your Mule palette. Sorry, it's a bit slow. Simply, in the path you can say validate, that's it. Now the Mule OAuth provider module also has something called Validate token; drag and drop. Okay, and by default you will see the access token; this is the default. I can explain this statement, what it means. It reads from the Authorization header and splits by space. Basically you pass the Authorization header in the request as Authorization, Bearer and then the token. So it splits Bearer and the token, and it just basically extracts the token from the header. Okay, so this is what it does: it splits Bearer and the token and reads the array. So first Bearer will be there, then this token. Fine.

Now you can use Transform Message; drag and drop. Say payload and JSON, save all this. So now we have three URLs: one is for create client; one is for generating the token, and that /token URL has been defined in the OAuth provider configuration; and the third is for validate token.

Let me run this project. I will save everything. Let's wait till the application gets started. Okay, the application has been deployed successfully, and now we will see how we can use all three URLs. The first URL is create client. Let me open the Create client configuration. In the Create client configuration we are reading client ID, client secret and client name from the headers, so we pass the client ID, client secret and client name in the headers
and we will just say send. So it says client created; this client has been created now. Now the client ID and the client secret have been created and stored in the client object store.

Now we have to generate the token. For sending to /token we have to pass the client ID which we have created in the previous step, the client secret, and the grant type equal to client credentials. If I don't pass the grant type it will give an error; let me show that. So we have to pass the grant type. I will say send, so it will generate a token for us.

Now we have to validate this token. I will copy this and I will validate this token. Just remove this. Okay, just send it. If you get this, this has been validated successfully. If I manipulate this token, it will say the token is invalid. Okay.

So these are the three URLs which are used for using MuleSoft as an OAuth provider. Basically, once you create the client, you don't have to call this URL again; this is the first time, when you create the client ID and client secret. Then you have to generate a token after every 86,400 seconds; you can reduce that. Generally we don't keep this much time; we generally keep 60 minutes, not more than that. Sorry, 60 minutes here. Currently it's 86,400 seconds, so you can decrease the value. And finally we validate the token.

Now, I already have one application deployed in my Runtime Manager. There is no authorization on top of that application. Okay, so basically there's no policy. Let me show you. This is the application, test step cloud, and I will send it. So I get the response back; there's no authentication, nothing, it's simple right now.

What I will do: let's deploy this OAuth provider module into CloudHub. So let me do export, next, I will finish it. Okay, the application has been exported. Now I will deploy it. I will say deploy application, I will say mule OAuth app, choose file. Let me see where... I think it's in Users, Dell. I need to pick the latest one. What is the time now? This is
the file. Deployed. So let's wait while the application is deploying. Let me go to the application and copy this DNS, and I will change it from localhost. Let me check the logs: your application has been deployed.

Okay, so now we will create it too, because currently we have created the client ID and the client secret on local. Okay, so we have created it on local, but we have to create it on CloudHub; we will create it again. Send; the client has been created. Now I will generate a token, a Bearer token, and I will copy this. I will try to validate it; it will fail... okay, just send it. So this has been validated now successfully.

But still we need to apply a policy on top of this application. So what I will do: I will go to API Manager. I have deployed this API already in API Manager, so I need to set up the policy. I will go to version 1.0, I will say Policies, Apply New Policy, then I will say OAuth access token enforcement using Mule OAuth provider. I will configure the policy. I will be requiring the validate URL; I will copy this. Okay, so I provide the access token validation endpoint, skip client ID validation, apply. So let's wait till the policy gets applied on that application. It takes some time, not much, like some 15 to 20 seconds. Okay.

So let's go back to testing. I will say send, but still I am getting the successful response. Okay. Okay, now: error, access token was not provided. The policy has been applied now. So now we will generate a token again. Now we don't want to validate the token again, so the token will be automatically validated by the policy applied there. Sorry, let me copy the token. We have generated the token. Okay, so I put Bearer and this token which we have generated, send the request: it is successful. Okay, now I will try to manipulate the token; it should fail. See? Okay, so let me, control J, do it again. I will say Bearer and I will pass the token again: it is successful.

Okay, so this is how you can use MuleSoft as an OAuth provider for
your application. I hope you like this video. If you have any question or any doubt, you can comment on this video.
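
The three calls walked through in the video (create client, token request with the client credentials grant, validate token), as an added Python model that is not part of the transcript and is not MuleSoft's module code. The function names, the in-memory dictionaries standing in for the two object stores, the error strings and the 3600-second TTL are assumptions made for illustration.

```python
import hashlib, hmac, secrets, time

TOKEN_TTL = 3600           # assumed: the 60 minutes suggested in the talk
clients, tokens = {}, {}   # stand-ins for the client and token object stores

def _digest(secret):
    return hashlib.sha256(secret.encode()).digest()

def create_client(client_id, client_secret, fail_if_present=True):
    """Create-client step: register the client, keeping only a secret digest."""
    if fail_if_present and client_id in clients:
        raise ValueError("client already registered")
    clients[client_id] = _digest(client_secret)
    return "client created"

def issue_token(form, now=None):
    """Token step for the client credentials grant: returns (status, body)."""
    now = time.time() if now is None else now
    grant = form.get("grant_type")
    if grant is None:                        # the "no grant type" error case
        return 400, {"error": "invalid_request"}
    if grant != "client_credentials":
        return 400, {"error": "unsupported_grant_type"}
    cid = form.get("client_id")
    # Unknown clients are compared against a random dummy so timing stays uniform.
    stored = clients.get(cid, secrets.token_bytes(32))
    ok = hmac.compare_digest(stored, _digest(form.get("client_secret", "")))
    if not (ok and cid in clients):
        return 401, {"error": "invalid_client"}
    token = secrets.token_urlsafe(32)        # opaque, unguessable token
    tokens[token] = (cid, now + TOKEN_TTL)
    return 200, {"access_token": token, "token_type": "bearer",
                 "expires_in": TOKEN_TTL}

def bearer_token(header):
    """Stricter 'split by space, take element 1': exactly 'Bearer <token>'."""
    parts = (header or "").split(" ")
    if len(parts) != 2 or parts[0].lower() != "bearer" or not parts[1]:
        return None
    return parts[1]

def validate(header, now=None):
    """Validate step: the client id for a live token, otherwise None."""
    now = time.time() if now is None else now
    client_id, expires = tokens.get(bearer_token(header), (None, 0))
    return client_id if now < expires else None
```
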