From d50aa8704b7a869cb55e004819422462887bcc58 Mon Sep 17 00:00:00 2001 From: valkyrie69 Date: Thu, 14 May 2026 13:44:41 -0700 Subject: [PATCH 1/2] W-22454128 IP Allowlisting for Connected Apps --- modules/ROOT/pages/osv2-connected-apps.adoc | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/modules/ROOT/pages/osv2-connected-apps.adoc b/modules/ROOT/pages/osv2-connected-apps.adoc index 7ae85bf..48dbbec 100644 --- a/modules/ROOT/pages/osv2-connected-apps.adoc +++ b/modules/ROOT/pages/osv2-connected-apps.adoc @@ -6,6 +6,13 @@ For information about Connected Apps, see xref:access-management::connected-apps-overview.adoc[] and xref:access-management::connected-apps-developers.adoc[]. +[IMPORTANT] +==== +If your organization has IP allowlisting enabled for connected apps, you must either allowlist the outbound IPs of the runtime where your Mule app is deployed, or exempt the connected app from IP enforcement. Without one of these steps, token generation fails and your MQ flows stop processing messages. + +If your app runs on CloudHub without static IPs or on CloudHub 2.0 Shared Space, you must exempt the connected app. These deployment models use dynamic or shared IPs that can't be reliably allowlisted. For guidance on all deployment models and exemption steps, see xref:access-management::managing-ip-allowlists.adoc#configure-ip-allowlisting-connected-apps[Configure IP Allowlisting for Connected Apps]. +==== + [[configure-os-conn-app]] == Configure a Connected App in Access Management From 51687f6f80b33351a838ed2ac47d2de3b02ad155 Mon Sep 17 00:00:00 2001 From: valkyrie69 Date: Thu, 14 May 2026 13:52:10 -0700 Subject: [PATCH 2/2] W-22454128 IP Allowlisting Connected Apps Note --- modules/ROOT/pages/osv2-connected-apps.adoc | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/modules/ROOT/pages/osv2-connected-apps.adoc b/modules/ROOT/pages/osv2-connected-apps.adoc index 48dbbec..ad89892 100644 --- a/modules/ROOT/pages/osv2-connected-apps.adoc +++ b/modules/ROOT/pages/osv2-connected-apps.adoc @@ -1,6 +1,6 @@ -= Configuring Connected Apps += Configuring Connected Apps for Object Store -The Connected Apps feature enables you to integrate external applications with Anypoint Platform by providing access to those applications without sharing your user credentials. +Connected apps provide secure, credential-free access to Object Store for external applications and Mule integrations. After creating a connected app in Access Management, use the generated client ID and secret to authenticate with the Object Store v2 API. For information about Connected Apps, see xref:access-management::connected-apps-overview.adoc[] and @@ -8,7 +8,7 @@ xref:access-management::connected-apps-developers.adoc[]. [IMPORTANT] ==== -If your organization has IP allowlisting enabled for connected apps, you must either allowlist the outbound IPs of the runtime where your Mule app is deployed, or exempt the connected app from IP enforcement. Without one of these steps, token generation fails and your MQ flows stop processing messages. +If your organization has IP allowlisting enabled for connected apps, you must either allowlist the outbound IPs of the runtime where your Mule app is deployed, or exempt the connected app from IP enforcement. Without one of these steps, token generation fails and your Mule flows stop processing messages. If your app runs on CloudHub without static IPs or on CloudHub 2.0 Shared Space, you must exempt the connected app. These deployment models use dynamic or shared IPs that can't be reliably allowlisted. For guidance on all deployment models and exemption steps, see xref:access-management::managing-ip-allowlists.adoc#configure-ip-allowlisting-connected-apps[Configure IP Allowlisting for Connected Apps]. ====