MuleSoft Technical Guides

Connecting MuleSoft and Azure SQL with Entra ID

MuleSoft Integration Team

July 14, 2025

Introduction

Establishing a secure connection between MuleSoft and Azure SQL Database can be challenging, especially if you are using Entra ID (formerly known as Azure Active Directory) for authentication. This blog walks through a fully working configuration for connecting to Azure SQL using ActiveDirectoryServicePrincipal in Mule runtime 4.7.4 with Java 8 — addressing driver setup, token-based authentication, and dependency alignment.

If you’re looking to ditch hardcore credentials and adopt token-based authentication via Azure AD, then this guide is for you.

Why Use Entra ID for Azure SQL Integration?

Using Entra ID offers a more secure and manageable way to connect applications to Azure resources. Here are some of the key benefits of using it:

Centralized Identity Management across the cloud infrastructure
Service Principal Security without exposing sensitive credentials
No hard coded SQL credentials (Usernames or Passwords)
Access governance via Azure AD

Tools & Environment Used

Step-by-Step Configuration Guide

A. Set up Entra ID App Registration

Go to Azure Portal → Azure Active Directory → App registrations → New Registration
Note down the following details:
– Client ID
– Tenant ID
– Client Secret
Assign the app as a SQL user:
CREATE USER [app-name] FROM EXTERNAL PROVIDER;
ALTER ROLE db_datareader ADD MEMBER [app-name];
ALTER ROLE db_datawriter ADD MEMBER [app-name];

B. Set Up Maven Dependencies

You only need to add mssql-jdbc manually to the Mule app classpath. All other related libraries (required by MSAL4J) can be resolved through Maven.

<!– Required for Azure AD (Entra ID) Authentication –>
<dependency>
<groupId>com.microsoft.sqlserver</groupId>
<artifactId>mssql-jdbc</artifactId>
<version>9.2.1.jre8</version>
</dependency>

<dependency>
<groupId>com.microsoft.azure</groupId>
<artifactId>msal4j</artifactId>
<version>1.11.0</version>
</dependency>

<dependency>
<groupId>com.nimbusds</groupId>
<artifactId>oauth2-oidc-sdk</artifactId>
<version>9.15</version>
</dependency>

<dependency>
<groupId>net.minidev</groupId>
<artifactId>json-smart</artifactId>
<version>2.3</version>
</dependency>

C. Configure MuleSoft Generic Database Connector

Use the following parameters:
Driver Class:
com.microsoft.sqlserver.jdbc.SQLServerDriver

JDBC URL:

jdbc:sqlserver://<your-server>.database.windows.net:1433;
database=<your-database>;
authentication=ActiveDirectoryServicePrincipal;
encrypt=true;
trustServerCertificate=false;
hostNameInCertificate=*.database.windows.net;
AADSecurePrincipalId=<client-id>;
AADSecurePrincipalSecret=<client-secret>

Note: Leave Username & Password fields blank.

D. Avoid “Test Connection” Button

The GUI test button often fail for token-based connections. Instead, run a simple test flow in MuleSoft to validate the connection.

Troubleshooting Tips

Final Thoughts

If done correctly, integrating MuleSoft with Azure SQL using token-based authentication offers a secure, scalable, and enterprise-ready integration architecture. This setup not only improves security but also ensures better scalability across environments. If you’re working within a MuleSoft ecosystem and aiming to meet enterprise security requirements, configuring Entra ID authentication is a powerful step forward.

Looking to explore more real-world integration patterns, expert tips, and implementation guides like this? Visit our Resource Center.