Instructions on authenticating and calling a Mule API using postman.

Basics of calling an API

  1. Make an HTTP POST call to our WU Identity Provider endpoint to receive a JWT (json web token –
  2. Make another call to the Mule API and pass in the JWT.


  • JWT’s expire after 1 hour.
  • You can reuse the JWT to access other API’s

Postman setup

Postman is a tool to test API connectivity and results. This is not required, but is useful. It is not a tool to be used as part of an integration.

Setup Resources

Setup Process

  1. Install Postman
  2. Download the 2 sample postman files
  3. In Postman, click Import

4. Select both of the json sample files you downloaded earlier.

5. You should now have a “WUIT-Public” Collection and a “WU API credentials” environment

6. Click the Cog icon to the right of WU API Credentials

7. Enter your Client ID and Client Secret in the current value fields. Leave the JWT field blank.

Collection Tabs “Body” settings

Be certain to select the x-www-form-urlencoded button

Authenticate and run an API

  1. Open the “IdM Get JWT” in Postman and run it first.  The response will contain the JWT plus other details.
  2. Open the desired API in Postman, update any query parameters if needed and run it.

Mulesoft Authentication Headers

The following headers are supported by all Mulesoft APIs:

AuthenticationBearer (IDM issued JWT)Required.  Client used to obtain JWT must be configured in Cloudhub to have access to the API.
X-Correlation-IDUnique stringOptional. This is typically a UUID value which is recorded in both Cloudhub and Splunk logs for easier tracking and troubleshooting.