API Autodiscovery Explained with Working Demo (MuleSoft Guide)

1. What is API Autodiscovery?

API Autodiscovery is a mechanism that allows your Mule application (running on CloudHub, Runtime Fabric, or standalone) to automatically link itself with an API instance in API Manager using an Auto-Discovery ID.

This allows API policies to become active without modifying your code.

2. Why Do We Need Autodiscovery?

Without autodiscovery:

• API policies will never apply

• No analytics will be collected

• No alerts or SLAs

• No client ID/secret validation

• No security enforcement

With autodiscovery:

• API Manager policies sync automatically

• Security and governance happen without redeploying

• API traffic analytics are captured

• Versioning becomes easy

• Centralized control

3. How API Autodiscovery Works (Internal Flow)

1. You create an API Instance in API Manager.

2. MuleSoft assigns an API Autodiscovery ID.

3. You add this ID in global.xml using the API Autodiscovery element.

4. When your Mule app starts, the runtime:

   • Reads the autodiscovery ID

   • Contacts the API Manager

   • Authenticates using client_id and client_secret

   • Retrieves applied policies

5. Policies are enforced inside your Mule app automatically.

This entire link happens at runtime.

4. Prerequisites

Before starting:

• Anypoint Platform account

• Access to API Manager

• One deployed API on CloudHub or Runtime Fabric

• Client ID & Secret (from connected app)

• Mule Runtime 4.x

• Anypoint Studio / ACB

5. Step-by-Step Working Demo

Below is a complete demo of enabling Autodiscovery in a simple Hello World API.

Step 1 — Create an API in Design Center

1. Go to Design Center → Create New API

2. Add a simple RAML:

Publish the API to Exchange.

Step 2 — Create an API Instance in API Manager

1. Go to API Manager → Manage API → Add API

2. Choose:

   • API type: “Manage API from Exchange”

   • Select the RAML

3. On the next step:

   • Choose Endpoint With Proxy or Basic Endpoint

4. Copy the Autodiscovery API ID

Example : 12345678

We will use this in Mule.

Step 3 — Build Mule Application

Example Mule Flow (hello-api.xml):

Step 4 — Add API Autodiscovery in global-config.xml

Important Notes:

• apiId must match API Manager

• flowRef must point to your entry flow

• No spaces, no typos

Step 5 — Add the API Platform Client Credentials in properties

Add to mule-artifact.json or application properties:

These credentials authenticate your application with API Manager.

Step 6 — Deploy the App

Deploy to:

✔ CloudHub
✔ Standalone
✔ Runtime Fabric

Once deployed → go to API Manager.

You will see:

Status: Active
Green Connected Icon ✔

It means your API has been successfully discovered.

6. Apply a Policy to Test Autodiscovery

Let’s apply Client ID Enforcement:

1. Go to API Manager → Policies

2. Add policy → Client ID Enforcement

3. Save & Apply

Now test the API without credentials:

You will get:

Send correct headers:

Now it returns:

🎉 Autodiscovery is working perfectly!

7. Common Errors & Fixes

❗ Error 1: “Autodiscovery: API not found”

Reason: Wrong API ID
Fix: Copy API ID again from API Manager.

Error 2: “Client credentials missing”

Fix: Add these to properties:

Error 3: “Not registered with platform”

Fix: Application must be deployed (local run won’t work).

Error 4: Using proxy but enabling basic endpoint

Fix: In API Manager → choose Basic Endpoint for Autodiscovery.

8. Best Practices

• Always store client credentials in secure properties

• Use Basic Endpoint for normal Mule apps

• For proxy-based APIs, use Proxy Endpoint

• Apply policies only through API Manager—not in Mule code