I would suggest to setup an App Registration in Azure and let the Anypoint API Manager of Mulesoft verify the token. For the back-end towards Mendix you can easily let Mulesoft replace the Authorization header by basic authentication if you don't need user-specific security like row-level security.

What are you looking for specifically?