Mulesoft

Mulesoft

Enterprise API management and integration platform

Overview

MuleSoft provides API management and integration software for enterprises. Its main offering, Anypoint Platform, lets organizations design, deploy, secure, govern, and monitor APIs and integrations at scale, connecting applications, data, and devices across environments. The product works through a unified platform that supports API design and development, data mapping, connectors, workflow orchestration, and governance, delivered as a subscription with various tiers and optional professional services. What sets MuleSoft apart is its API-led connectivity approach and emphasis on governance and scalability for large organizations, government agencies, and mid-sized businesses, enabling consistent connectivity and control across complex landscapes. The company aims to help customers accelerate digital transformation, improve productivity, and streamline operations by enabling seamless data and application integration across the enterprise.

Significant Headcount Growth

About Mulesoft

Simplify's Rating
Why Mulesoft is rated
C-
Rated C on Competitive Edge
Rated C on Growth Potential
Rated D+ on Differentiation

Industries

Data & Analytics

Enterprise Software

Company Size

1,001-5,000

Company Stage

Acquired

Total Funding

$7B

Headquarters

San Francisco, California

Founded

2006

People at Mulesoft

People at Mulesoft who can refer or advise you

Simplify Jobs

Simplify's Take

What believers are saying

  • AI Gateway LLM capabilities (GA 2026) enable unified, secure routing to Gemini and GPT with prompt guard and cost tracking.
  • 40 new connectors (April 2026) support low-code automation in finance, marketing, and ITSM, expanding cross-platform integration reach.
  • Integration Intelligence (GA March 2026) uses Salesforce Data 360 and Tableau Next to detect systemic degradation and reduce engineering cycles.

What critics are saying

  • Salesforce integration of MuleSoft into core CRM will erode standalone Anypoint adoption, causing 45–60% revenue loss in 12–18 months.
  • Red Hat and Kong are capturing mid-market clients with open-source, lower-cost API gateways for GraphQL/WebSocket, risking 35–50% market share in 6–12 months.
  • GoDaddy ANS dependency creates critical single-point failure; DNS poisoning or revocation could shut down 1,600+ agentic workflows in 12–24 months.

What makes Mulesoft unique

  • MuleSoft unifies API-led connectivity with Anypoint Platform, enabling seamless integration across cloud and on-premises systems without code.
  • Its AI Gateway and Omni Gateway deliver OpenAI-compatible control, semantic routing, and real-time LLM governance for enterprise AI adoption.
  • FIPS 140-3 compliant Government Cloud ensures FedRAMP-ready cryptographic security, critical for federal public sector integration workloads.

Help us improve and share your feedback! Did you find this helpful?

Funding

Total Funding

$7B

Above

Industry Average

Funded Over

9 Rounds

Notable Investors:
Acquisition funding comparison data is currently unavailable. We're working to provide this information soon!
Acquisition Funding Comparison
Coming Soon

Benefits

Health Insurance

Professional Development Budget

Growth & Insights and Company News

Headcount

6 month growth

7%

1 year growth

5%

2 year growth

8%
MuleSoft
Jun 27th, 2026
MuleSoft Government Cloud now supports FIPS 140-3 compliant runtime.

MuleSoft Government Cloud now supports FIPS 140-3 compliant runtime. June 26, 2026 | 6 mins read MuleSoft is excited to announce that FIPS 140-3 compliant Mule Runtime is now generally available (GA) for MuleSoft Government Cloud, a significant milestone in its commitment to meeting the highest federal security standards for its public sector customers, ensuring your integration workloads satisfy FedRAMP mandates without additional tooling. Upgrade your Government Cloud environment to the current federal cryptographic standard. This release ensures that every cryptographic process within the Mule Runtime meets the rigorous requirements set forth by the U.S. federal government to protect sensitive, unclassified data. What is FIPS 140-3? FIPS 140-3 (Federal Information Processing Standard Publication 140-3) is the latest U.S. federal government standard that defines strict security requirements for cryptographic modules used in IT systems. It is the successor to FIPS 140-2 and is required for any system that processes, stores, or transmits sensitive government information. For government agencies and organizations handling federal data, using FIPS-validated cryptography is a regulatory mandate, not optional. What this means for customers: Benefits and availability. You can now run your MuleSoft Government Cloud workloads on Hybrid Standalone (HSA) and CloudHub 1.0 (CH1) deployment models with full FIPS 140-3 compliance built directly into the runtime, with no third-party cryptographic solutions required. * Meet FedRAMP compliance requirements Ensure your MuleSoft Government Cloud integration workloads satisfy federal cryptographic security mandates without additional tooling or workarounds * Align with federal security frameworks: Whether you're operating under FedRAMP, FISMA, or other compliance frameworks, this release ensures your cryptographic processes meet the required standards * Operate with confidence in regulated environments: Remove compliance uncertainty and run your integration workloads knowing that cryptographic operations are fully validated against federal standards * No alternative solutions needed: FIPS 140-3 compliance is built into the runtime, eliminating the need to seek third-party cryptographic solutions This release is available to all MuleSoft Government Cloud customers using: * Hybrid Standalone (HSA) deployments: Mule applications hosted and managed in customer's own Data Centers or Private/Public Clouds * CloudHub (CH1) deployments: Mule applications hosted on MuleSoft Government Cloud Getting started. Ready to take advantage of FIPS 140-3 compliant runtime in your MuleSoft Government Cloud environment? Upgrade to Mule Runtime 4.9 LTS patch version 4.9.18 or later that supports FIPS 140-3 compliance and get started with its FIPS 140-3 support documentation. Its commitment to security-first integration. This release reflects MuleSoft's deep commitment to serving government agencies and security-conscious organizations. As federal security standards continue to evolve, MuleSoft remain dedicated to ensuring that MuleSoft Government Cloud provides a trusted, compliant platform for the most sensitive integration workloads. MuleSoft Government Cloud meets the highest federal cryptographic security standards, enabling agencies and regulated organizations to integrate with confidence. Effective September 21, 2026, the National Institute of Standards and Technology (NIST) will officially transfer every FIPS 140-2 validation into 'Historical' standing. To prevent FedRAMP compliance findings, MuleSoft strongly encourage upgrading your integration applications and underlying Mule runtimes to FIPS 140-3 validated versions before any upcoming security assessment scheduled past this deadline.

MuleSoft
Jun 25th, 2026
How to set up MuleSoft MCP Servers in API Catalog.

How to set up MuleSoft MCP Servers in API Catalog. June 25, 2026 | 13 mins read If you've used API Catalog to integrate MuleSoft APIs with Agentforce, you already know the value of having a governed, centralized catalog of enterprise APIs available to your agents. Now, with Model Context Protocol (MCP) server support in API Catalog, you can extend that same experience to the open standard that AI agents across the industry are adopting. MCP gives agents a universal way to discover and call external tools and with API Catalog, Agentforce Agents can now call these MCP Servers. This guide walks you through the complete setup: from syncing your MuleSoft MCP servers into API Catalog, to creating secure connections, allowlisting tools, and activating agent actions so your Agentforce agents can use them. By the end, you'll have a working MCP server that Agentforce can discover and call - with full enterprise-grade security in place. Before diving into the setup, make sure you have the following in place. Missing any of these prerequisites is the most common reason developers get stuck during configuration. Salesforce org requirements: * A Salesforce org with Lightning Experience enabled (Developer, Enterprise, Performance, or Unlimited Edition) * API Catalog feature enabled in your org - navigate to Setup > API Catalog to confirm * System Administrator permissions, or a custom permission set that includes API Catalog management access MuleSoft requirements: * An Anypoint Platform organization with at least one deployed MCP server * Organization Administrator or API Manager permissions in Anypoint Platform * A tenant relationship established between your Anypoint Platform organization and your Salesforce org - this is the trust bridge that enables sync MCP server requirements: * Your MuleSoft MCP server must be deployed to CloudHub 2.0 * The server must have a consumer endpoint configured in Anypoint API Manager with a valid HTTPS URL How to sync MuleSoft MCP servers into API Catalog. With prerequisites in place, you're ready to bring your MuleSoft MCP servers into Salesforce. The sync process connects API Catalog to your Anypoint Platform organization and automatically detects eligible MCP servers. Step 1: Enable sync. * In Salesforce, navigate to Setup > API Catalog > MCP Servers * Click the External Servers tab * Click Enable Sync This initiates the connection between API Catalog and your Anypoint Platform organization. The initial sync runs in the background and may take a few minutes to complete. Step 2: verify your synced servers. Once the sync completes, your MuleSoft MCP servers appear under the External Servers tab. For each server, you'll see: * Server name pulled from your Anypoint Platform configuration * Description: The description you defined in Anypoint Platform * Source: Shows "MuleSoft" to distinguish from manually registered servers * Connection status indicates whether a secure connection has been established If a server you expected doesn't appear, check the following: * The server has a consumer endpoint configured in Anypoint API Manager * The consumer endpoint URL uses HTTPS * The tenant relationship between Anypoint Platform and your Salesforce org is active Step 3: keep your catalog current. After the initial sync, API Catalog automatically syncs on a recurring schedule. When you add, update, or remove MCP servers in Anypoint Platform, those changes propagate to API Catalog automatically. If you've just published a new MCP server and don't want to wait for the next scheduled sync, click Manage Sync and trigger a manual refresh. This is especially useful during development when you're iterating on tool definitions. Now that your servers are visible in API Catalog, the next step is establishing secure connections so Agentforce can actually reach them. How to create connections and allowlist tools. Syncing makes your MCP servers visible in API Catalog, but Agentforce can't use them until you create a connection and explicitly approve which tools to expose. This two-step process - connect, then allowlist - is what gives you fine-grained control over your agentic tools. Step 4: create a new connection. * From the External Servers tab, click on the MCP server you want to connect * On the server detail page, click New Connection * Select the destination URL - this becomes the managed named credential that Agentforce MCP Client uses to reach your server Step 5: allowlist tools. Once your connection is validated, API Catalog prompts you to select which tools to expose to Agentforce. This is the governance step - only the tools you explicitly approve become available. * Review the list of tools detected on the MCP server * For each tool, you can click to inspect the input schema - this shows you exactly what parameters the tool accepts and what it returns * Select the tools you want to allowlist * Click Save A few things to keep in mind: * You can add or remove tools at any time from the server details page * Tools that are actively referenced by agent actions can't be removed until those references are cleared * Best practice: keep your tool count around 20 per server - too many tools and the AI model struggles to select the right one Once your tools are allowlisted, they're automatically available in the Agentforce Asset Library as agent actions - no separate activation step required. You can add or remove allowlisted tools at any time from the server details page in API Catalog, and the Asset Library reflects those changes. How to verify your setup in Agentforce. With your tools allowlisted, you'll want to confirm that everything works end to end. Here's how to verify your setup. Check tool availability in Agentforce. * Navigate to Setup > Agentforce > Asset Library * Search for the tools from your MCP server * Verify that each allowlisted tool appears as an agent action with its name, description, and input schema Test with an agent action. * Open Agent Builder and create or edit an agent * Add a new action that references one of your MCP tools * Test the action using the agent preview - provide sample input and confirm you get the expected response Troubleshooting common issues. Here are the issues developers most commonly run into during setup, along with how to resolve them. Server doesn't appear after sync. * Verify the tenant relationship is active between Anypoint Platform and your Salesforce org * Confirm the MCP server has a consumer endpoint with a valid HTTPS URL in Anypoint API Manager * Try a manual sync: click Manage Sync in API Catalog and trigger a refresh Connection fails during authentication. * For Client ID enforcement: check that your Anypoint Platform client credentials are valid and haven't expired * For OAuth 2.0: verify the identity provider URL is correct and that the client secret matches * Check that your Salesforce org can reach the MCP server's HTTPS endpoint (no firewall or network restrictions) Tools don't appear in Agentforce Asset Library. * Check that at least one tool is allowlisted - a connected server with no allowlisted tools won't surface anything * Verify the connection status shows as Connected in API Catalog * Verify you have the necessary permissions to view agent actions in the Asset Library Agent actions fail at runtime. * Test the MCP server directly to isolate whether the issue is with the server or the Agentforce configuration * Check the named credential associated with the connection - credentials can expire or become invalid * Review the tool's input schema to ensure the agent is passing parameters in the expected format Ready to bring your MuleSoft MCP servers to Agentforce? You now have a complete MuleSoft MCP server connected and governed in API Catalog, with allowlisted tools available as agent actions in Agentforce. Now it's time to put it to work. Sync your first server, allowlist a focused set of tools, and start building agents that take real action across your enterprise systems. To learn more, review the help column: Get Started With MuleSoft MCP Servers in API Catalog.

Value M
Jun 2nd, 2026
Enterprise AI Agent Builder & Cloud Solutions

Enterprise Integrations MuleSoft vs Workato: choosing the right integration platform. Two leading integration platforms, very different strengths. Here is how to decide which one fits your enterprise based on complexity, team, and budget. When enterprises ask Valuem which integration platform to use, the honest answer is always: it depends. MuleSoft and Workato are both excellent platforms, but they solve different problems for different organizations. MuleSoft is built for complexity. If you have hundreds of systems, strict governance requirements, custom API strategies, and a dedicated integration team, MuleSoft gives you the control and depth you need. Its Anypoint Platform is enterprise-grade in every sense - API lifecycle management, comprehensive monitoring, granular access controls, and the ability to handle integration patterns that simpler tools cannot. The tradeoff is investment. MuleSoft requires skilled developers, a meaningful learning curve, and licensing costs that reflect its enterprise positioning. For organizations with complex integration landscapes and the team to support it, the investment pays for itself. For smaller integration needs, it can be overkill. Workato takes a different approach. It is designed for speed. Business teams can build integrations using a visual interface, pre-built connectors handle most common SaaS-to-SaaS scenarios, and the platform handles the underlying complexity so your team does not have to. Where Workato excels is in connecting modern SaaS applications quickly. CRM to marketing automation, HRIS to payroll, helpdesk to CRM - these integrations can be live in days, not weeks. The platform also handles workflow automation beyond just data movement, which makes it a strong choice for organizations that want integration and automation in one tool. Here is how Valuem guide the decision. If your integration landscape involves legacy systems, custom APIs, complex transformation logic, and you have or plan to build a dedicated integration team, MuleSoft is the right choice. If your primary need is connecting cloud applications, enabling business teams to build integrations, and moving quickly, Workato is the better fit. Many enterprises Valuem work with use both. MuleSoft handles the core enterprise backbone - ERP, legacy databases, custom applications - while Workato handles the growing ecosystem of SaaS tools that business teams adopt. This hybrid approach gives you the depth where you need it and the speed where it matters. One factor that often tips the decision: AI agent deployment. If you are building AI agents that need to connect to enterprise systems, MuleSoft provides the API layer that agents need to access data securely and reliably. The agent does not connect to the database directly - it connects through a managed API that MuleSoft governs. Enterprise AI agent builder & cloud solutions.

MuleSoft
May 19th, 2026
MuleSoft Omni Gateway Support for GraphQL and WebSockets.

MuleSoft Omni Gateway Support for GraphQL and WebSockets. May 19, 2026 | 8 mins read As part of the recent MuleSoft Omni Gateway announcement, MuleSoft has enhanced API Gateway capability to include support for GraphQL and WebSockets. Modern applications no longer communicate the way they did a decade ago. Today's experiences, AI-powered assistants, collaborative workspaces, live financial dashboards, real-time logistics tracking, are built on two protocols that REST alone simply wasn't designed to handle: GraphQL and WebSockets. Omni Gateway Support for GraphQL and WebSockets. GraphQL lets clients request exactly the data they need, eliminating the over-fetching and chatty round trips that plague complex, multi-domain APIs. WebSockets keep connections open, enabling servers to push updates the moment they happen instead of waiting to be asked. Together, they've become foundational to how developers build responsive, efficient, and connected applications at scale. But as these protocols move from the edge of innovation to the center of enterprise architecture, the platforms that govern, secure, and manage APIs need to keep pace. Omni Gateway delivers on enterprise wide demands for advanced protocol support, AI specific protocols, LLM management, federation enforcement and end-to-end governance. MuleSoft's Anypoint Platform already has a meaningful head start with GraphQL for teams building Mule applications directly with APIkit for GraphQL scaffolds and schema-driven Mule flows to implement queries and mutations at the application layer. These capabilities have helped organizations move toward more efficient, consumer-driven data access. Now with Omni Gateway's new GraphQL and WebSockets support MuleSoft add GraphQL subscriptions, WebSocket transport, gateway-level policy enforcement for native GraphQL traffic. Real-time data, such as live pricing, AI agent streams, collaborative events, IoT telemetry, falls entirely outside what the APIKit handles. Delivering GraphQL and WebSocket protocols enables access to unified, strongly typed heterogeneous sources/servers. What MuleSoft is releasing. GraphQL & WebSockets Protocols are now generally available (GA) on all deployment options of MuleSoft's Omni Gateway, giving developers and administrators powerful solutions for deploying APIs exposing heterogeneous and homogeneous query based resources. The release supports all of the standard GraphQL capabilities: * Queries: Support for fetching data, including features like field selection, arguments, aliases, and fragments * Mutations: Support for performing write operations and state changes, ensuring transactional integrity * Introspection: The ability for clients to query the GraphQL schema for metadata * Directives: Support for standard GraphQL directives (e.g., @skip, @include) The following WebSockets capabilities are now supported: * Real-time Subscriptions: The ability to establish a persistent, bi-directional connection over the WebSockets protocol to enable real-time data push for GraphQL subscriptions * Protocol Compliance: Adherence to common industry specifications (e.g. the graphql-ws protocol) for managing the connection lifecycle (initiation, termination, heartbeat) * Security Context Propagation: Seamless propagation of the client's authentication and authorization context from the initial connection handshake to the subscription processing layer Ensuring essential business value and operational completeness MuleSoft has added 4 key GraphQL policies and a WebSockets policy as well: * GraphQL Schema Validation: Validates incoming GraphQL queries against the API GraphQL schema before forwarding them to the upstream service. This policy is critical to ensuring accurate data access and efficient and meaningful developer feedback on Schema violations * GraphQL Introspection Control: Controls access to the GraphQL introspection system by selectively allowing or blocking __schema, __type, and __typename meta-fields. This policy provides valuable controls around these key query operations * GraphQL Operation Limits: Enforces structural constraints on incoming GraphQL operations to prevent abuse and resource exhaustion. By leveraging maximum depth, maximum aliases, maximum root fields and maximum directives, administrators can put effective guard rails around GraphQL APIs * GraphQL Static Query Complexity: Analyzes incoming GraphQL queries against the API schema to statically calculate their complexity and reject expensive operations before they execute * WebSockets Maximum Connections: Limit the number of simultaneous connections per API MuleSoft Omni Gateway GraphQL and WebSockets demo. Let's look at the MuleSoft Omni Gateway GraphQL and WebSockets solution across Anypoint Exchange and API Manager to see how these services and policies work together: Manage, at scale. GraphQL and WebSocket adoption is accelerating, and so are the operational challenges of managing them at scale. Omni Gateway's new protocols allow organizations protect backends from extensive queries and connection exhaustion; unify governance across REST, GraphQL, WebSocket, gRPC, SOAP, MCP, agents, and LLMs; and deploy in minutes with existing MuleSoft infrastructure with no application code changes.

MuleSoft
May 15th, 2026
Automate API Documentation in Exchange across your entire API portfolio.

Automate API Documentation in Exchange across your entire API portfolio. May 15, 2026 | 9 mins read Think about the last time you integrated with an internal legacy service. Did you spend more time building the integration or hunting for the information from the developer who knew which XML tag was mandatory because the documentation was missing? Lack of documentation continues to be the main barrier to asset reuse. Without thorough documentation, even robust APIs stay underused, effectively turning your Exchange catalog into a repository of unused APIs instead of a library of reusable assets. When MuleSoft first launched Generating API Documentation With Einstein Generative AI, MuleSoft addressed the API documentation gap for REST APIs, significantly accelerating the documentation process. To reflect the modern architecture landscape, MuleSoft is pleased to expand its generative API documentation support to protocols such as SOAP, GraphQL, AsyncAPI, gRPC, MCPs and A2A. You can use AI powered capabilities in Exchange to generate documentation for all assets pertaining to above protocols. By broadening its functional capabilities to encompass the full multi-protocol landscape, MuleSoft ensure that your Exchange catalog presents a consistent, comprehensive documentation of all the capabilities, regardless of which protocols your org runs. Protocol-specific intelligence while generating documentation. Documentation needs vary wildly by protocol, and a generic template doesn't work. AI generated documentation now introduces protocol-aware logic: * SOAP: Parses WSDL operations and complex request/response XML envelopes. Documents SOAP actions with appropriate namespaces * GraphQL: Focuses on the graph structures. Documents queries, mutations, and input objects in a way that reflects the hierarchical nature of the schema, not the flat list of the fields * AsyncAPI: Identifies channels and message payload structures for event driven architectures. Makes publishers and consumer relationships explicit, information that was previously buried inside the spec * gRPC: Documents Protobuf definitions, including methods and message types. Clarifies metadata and complex fields to provide transparency into unary and bidirectional streaming patterns * MCP: Documents standardized AI model connections to data sources, systems and applications. Identifies protocol-defined tools, prompts, and resources, so AI agents can seamlessly discover and interact with enterprise data * Agents: Documents AI agent capabilities, tools, skills and orchestration patterns (like Agent-to-Agent). Makes agent behavior discoverable without requiring a conversation with the team that built them Multi-file ingestion solves the context gap. Single-file uploads have always left a context gap while generating the documentation. A spec file that references shared schemas and fragments that live elsewhere in the project will produce incomplete output that misses how the API actually behaves. By leveraging ZIP-based uploads, you can provide an entire specification package including all nested schemas, fragments, and libraries rather than just a single file. Benefits of multi-file ingestion. * Full project awareness: The AI maps relationships across your entire spec package - tracing how a shared RAML fragment or global data type affects endpoints several directories deep, not just the file you uploaded * Coherent documentation, not endpoint lists: With complete project context, the output reads as a logical guide to how your API works, not a disconnected catalogue of routes * No manual gap-bridging: Cross-file references are resolved automatically from the package structure. You don't need to annotate relationships by hand or maintain a separate explanation of how files connect Before you upload your API specification: * Validate your spec first: Broken references or circular dependencies in the ZIP cause the AI to fall back to stable paths only, producing partial output without warning. Run the API Catalog CLI validation step before triggering generation * Clean specs unlock the full context window: A valid specification package allows the AI to use its full LLM context, which directly improves the depth and accuracy of the output Actionable error messages help in resolving issues. Most of MuleSoft have experienced a cryptic 500 error on a Friday afternoon and spent the next hour guessing what went wrong. With this release, MuleSoft replaced ambiguous errors with specific remediation steps when generating documentation. If your Anypoint to Salesforce org connection is misconfigured or if AI document generation hasn't been enabled at the Org level, the platform gives an error message prompting you to contact MuleSoft to enable it. How to enable AI-generated documentation. Before generating documentation, your MuleSoft environment needs two configuration steps. Review the full prerequisites before you begin. 1. Connect your Salesforce Org to the Anypoint Platform. * Go to Anypoint Org settings * Select Salesforce tab from the left panel * Click Add Salesforce Org * Add your Salesforce Org Tenant Key, then click Add 2. Enable Agentforce in your Anypoint org. * In the same Salesforce tab, scroll down to Enhance Anypoint Platform with Agentforce under the Capabilities Managed in Salesforce section * Click Settings * In the pop up, select the Salesforce org you want to enable, click enable Anypoint, and then click Save Make your documentation work for you. The goal isn't more documentation - it's documentation that makes your assets discoverable and reusable. Whether you're covering a SOAP service no one has touched in three years or a new A2A agent shipping next sprint, AI doc generation handles the write-up. You focus on building. To learn more, watch AI-Generated Documentation in Exchange demo and read the Generating API documentation.

Recently Posted Jobs

Sign up to get curated job recommendations

Mulesoft is Hiring for 11 Jobs on Simplify!

Find jobs on Simplify and start your career today

Don't see your dream role? Check out thousands of other roles on Simplify. Browse all jobs →