MuleSight Data Handling Disclosure
| Owner | Flowdence Product and Security |
| Applies to app | MuleSight for Confluence |
| Review cadence | Quarterly and before Marketplace updates |
Current implementation facts
Section titled “Current implementation facts”| Data category | Examples | Source | Storage location | Retention posture |
|---|---|---|---|---|
| App configuration | Default org id, dataset flags, sync interval | Admin settings UI | Forge KVS | Persisted until updated/removed |
| Credential material | MuleSoft client secret, cached OAuth access token | Admin input and token exchange | Forge secret storage | Persisted until rotated or cleared |
| Dataset snapshots | CloudHub apps, API Manager APIs, security slices | MuleSoft APIs | Forge KVS cache entries | Replaced on refresh; cleanup behavior defined by cache lifecycle |
| Operational metadata | Refresh timestamps, stale indicators, error metadata | App execution | Forge KVS and logs | Retained per operational needs and platform behavior |
Data flow summary
Section titled “Data flow summary”- Admin configures MuleSoft credentials.
- App exchanges credentials for access token.
- App fetches MuleSoft data and writes cached snapshots.
- UI and Rovo actions read cache-first and optionally refresh live data.
External data egress
Section titled “External data egress”Configured egress target:
No additional outbound endpoints are currently declared in the app manifest.
Data residency and hosting
Section titled “Data residency and hosting”- Runtime and storage operate on Atlassian Forge services.
- Customer data location and residency follow Forge and Atlassian platform controls.
Deletion and rotation
Section titled “Deletion and rotation”- Secrets can be replaced through configuration updates.
- Cache state can be reset when runtime context changes.
- Additional lifecycle controls are tracked in the release gap register.
Product-specific implementation details
Section titled “Product-specific implementation details”MuleSight stores enough data to render MuleSoft operational visibility inside Confluence without requiring every page render to call Anypoint live. This includes connected-app configuration, Forge secret storage for the MuleSoft client secret and token material, cached snapshots for Exchange, Runtime Manager, API Manager, diagnostics, API security posture, and drift-related datasets.
MuleSight does not store full Confluence page bodies. Macro pages reference cached MuleSoft snapshot data by configuration and context. Rovo answers are grounded in cached MuleSight data and may trigger refresh paths only where the user has access and the configured credentials include the required Anypoint scopes.
Planned commitments
Section titled “Planned commitments”- Define explicit documented cache retention windows by dataset type.
- Add formal policy for periodic stale cache cleanup.
Shared baseline policies
Section titled “Shared baseline policies”This app-specific policy is read together with the shared Flowdence baseline: