Setup Agent Scanner

Overview

Creates a complete scanner configuration that can discover and import AI agents from external platforms into Anypoint Exchange. This involves selecting a target system, creating a connection with credentials, and configuring the scanner.

What you'll build: A fully configured scanner that can discover AI agents from your chosen cloud platform (AWS Bedrock, Microsoft Copilot, Google Vertex AI, etc.)

Prerequisites

Before starting, ensure you have:

  1. Anypoint Platform Access

    • Valid Anypoint Platform account with appropriate permissions
    • Organization ID for your Business Group

  2. Cloud Platform Credentials

    • Credentials for the external platform you want to scan (e.g., AWS access keys, Azure credentials, Google service account)
    • Network access to the target platform's APIs

  3. Permissions

    • Permission to create scanner configurations in your organization
    • Permission to store credentials securely

Step 1: Get Available Target Systems

First, retrieve the list of available target systems to see which platforms you can scan.

agent-scanner-configuration-service.getTargetSystems 
$ curl -X GET ${baseUrl}/api/v1/organizations/{organizationId}/connectivity/target-systems \
  -H "Authorization: Bearer ${authToken}" \
  -H "Content-Type: application/json"
Captured Variables
targetSystemId $[*].id
targetSystemType $[*].type

What happens next: You receive a list of available target systems with their IDs, names, and supported authentication schemes. Choose the one matching your cloud platform.

Common issues:

  • 401 Unauthorized: Verify your authorization token is valid
  • Empty list: Your organization may not have access to certain target systems

Step 2: Create a Connection

Create a connection with credentials to access your chosen target system.

agent-scanner-configuration-service.createConnection 
$ curl -X POST ${baseUrl}/api/v1/organizations/{organizationId}/connectivity/connections \
  -H "Authorization: Bearer ${authToken}" \
  -H "Content-Type: application/json"
Captured Variables
connectionId $

What happens next: The connection is created and stored securely. You'll receive a connection ID to use in the scanner configuration.

Common issues:

  • 400 Bad Request: Check that authParameters JSON is valid and contains required fields
  • 404 Not Found: Verify the targetSystemId exists

Step 3: Create Scanner Configuration

Create the scanner configuration that will use your connection to discover agents.

agent-scanner-configuration-service.createScanConfigurations 
$ curl -X POST ${baseUrl}/api/v1/organizations/{organizationId}/scanner-configurations \
  -H "Authorization: Bearer ${authToken}" \
  -H "Content-Type: application/json"
Captured Variables
scannerConfigurationId $.id
scannerState $.state

What happens next: The scanner configuration is created. Depending on the schedule, it will automatically run at the configured times, or you can trigger it manually.

Completion Checklist

After completing all steps, verify:

  • [ ] Target system was selected from available options
  • [ ] Connection was created with valid credentials
  • [ ] Scanner configuration was created successfully
  • [ ] Scanner state shows as SCHEDULED or STOPPED (ready to run)

What You've Built

Your scanner configuration now has:

Connection to External Platform

  • Secure credential storage
  • Connection to your chosen cloud platform

Configured Scanner

  • Named scanner configuration
  • Scheduled or manual execution
  • Ready to discover AI agents

Next Steps

Now that your scanner is configured:

  1. Run the scanner manually

    • Use the "Run Agent Scan and View Results" skill to execute immediately

  2. Monitor scheduled runs

    • Check the scanner run history for automated executions

  3. Review discovered agents

    • View staging assets to see discovered AI agents before publication

Tips and Best Practices

Security

  • Rotate credentials regularly: Update connection credentials periodically
  • Use least-privilege access: Only grant the minimum permissions needed for scanning

Scheduling

  • Off-peak hours: Schedule scans during low-traffic periods
  • Frequency: Daily scans are typically sufficient for most use cases

Troubleshooting

Connection Test Fails

Symptoms: Connection created but test shows FAILED status

Possible causes:

  • Invalid credentials
  • Network connectivity issues
  • Insufficient permissions on the target platform

Solutions:

  • Verify credentials are correct and not expired
  • Check network/firewall rules allow access to the platform APIs
  • Ensure the credentials have read access to list agents

Scanner Configuration Creation Fails

Symptoms: 400 Bad Request when creating scanner configuration

Possible causes:

  • Invalid schedule JSON format
  • Missing required fields
  • Connection ID doesn't exist

Solutions:

  • Validate schedule JSON syntax
  • Ensure all required fields (name, schedule, runPolicy) are provided
  • Verify connection ID from Step 2