How to secure properties before deployment in Anypoint Studio

In the previous article, we learned how to configure an HTTPS endpoint in Anypoint Studio. In this tutorial, we are going to learn how to create a secure properties file. This properties file is where you will want to insert information such as private keys, client enforcement tokens, or other bits of information that you will want to reuse in multiple places in your project. When your Mule flows start to become long and robust, having all of your variables in a properties file will allow you to only change values in one place without having to modify every instance of that value throughout your project.
Whenever you are storing global variables, unique tokens or keys, or login credentials, you should always store them in a local.properties file. Storing all of your variables in a single file will help keep your project organized, and if you ever need to make a change to an existing system or migrate the integration, you won’t have to make any manual modifications to your existing code.
To create a local.properties file, right-click on src/main/resources and click on New -> File and name the file local.properties. Make sure you save the file in your src/main/resources folder.



Now that you have successfully created the file, double click on your local.properties file to add a new entry. Every line on your local.properties file can be used for a unique property.
Add the properties:salesforceUsername=yourUsername
salesforcePassword=yourPassword
After you have entered your private credentials into the local.properties file, the next step is to search Exchange for the Mule Secure Configuration Properties extension.

Once you import your Mule Secure Configuration Properties extension, go to the Global Configuration Elements screen. Click the Create button and add a new Global Property. For the name, type: secure.key and for the Value: WhateverKeyYouWant. For this example, we used MuleSoft as the key which is what we will use to encrypt the contents of our local.properties file.

Next, click the Create button again and create a Secure Properties Configuration. Under File, type the file name where your properties are stored. Under key, type: ${secure.key} which matches the value under the Global Property Configuration.

Create your flow by dragging an HTTP Listener into the scene. Then important the Salesforce connector and add the Create component to the flow. Select the type to be: Lead and for the dataweave code:

When you configure your Salesforce Connector configuration, enter your secure properties as follows:
${secure::salesforceUsername}
${secure::salesforcePassword}
These are the same values that you defined in your local.properties file. You can use this dollar sign and curly brace notation throughout your MuleSoft Anypoint Studio project in order to access variables from your local.properties file.

Next, open up your local.properties file with the Mule Properties Editor.

In the table editor, double click on your Salesforce Username. Currently, your username is in plain text. We are going to need to encrypt these values using the Mule Properties Editor. Click the Encrypt button.

Select the same algorithm that you selected when you created your Global Properties file, in the case blowfish. For the Key, make sure the key you enter matches the one you entered in your Global Property configuration. In the case of this tutorial, we entered: MuleSoft.

It’s important that before you deploy your application to CloudHub, that you add your secure.key value to your deployment properties. Currently, all of the contents of your local.properties file are encrypted. In order for your mule application to decrypt those credentials, you will need to pass the key you defined on deployment.

Remember, this credential will be accessible to anyone who has access to your Anypoint Platform Account. If you want your properties hidden on CloudHub, you will need to update your mule-artifact.json in your mule application. To view instructions on how to do this, please visit the MuleSoft documentation located here.
Nice job completing this tutorial and learning how to create a secure properties file that you can use to reference important variables in your Mule application. If you found this tutorial helpful, please give it a rating below.