Integrating LangChain with Okta Data via CData Connect AI

Dibyendu Datta
Dibyendu Datta
Lead Technology Evangelist
Leverage the CData Connect AI Remote MCP Server to enable LangChain agents to securely access and act on Okta data within automated workflows.

LangChain is a framework used by developers, data engineers, and AI practitioners for building AI-powered applications and workflows by combining reasoning models (LLMs), tools, APIs, and data connectors. By integrating LangChain with CData Connect AI through the built-in MCP Server, workflows can effortlessly access and interact with live Okta data in real time.

CData Connect AI offers a secure, low-code environment to connect Okta and other data sources, removing the need for complex ETL and enabling seamless automation across business applications with live data.

This article outlines how to configure Okta connectivity in CData Connect AI, register the MCP server with LangChain, and build a workflow that queries Okta data in real time.

Prerequisites

Step 1: Configure Okta Connectivity for LangChain

Before LangChain can access Okta, a Okta connection must be created in CData Connect AI. This connection is then exposed to LangChain through the remote MCP server.

  1. Log in to Connect AI click Sources, and then click + Add Connection
  2. From the available data sources, choose Okta
  3. Enter the necessary authentication properties to connect to Okta

    To connect to Okta, set the Domain connection string property to your Okta domain.

    You will use OAuth to authenticate with Okta, so you need to create a custom OAuth application.

    Creating a Custom OAuth Application

    From your Okta account:

    1. Sign in to your Okta developer edition organization with your administrator account.
    2. In the Admin Console, go to Applications > Applications.
    3. Click Create App Integration.
    4. For the Sign-in method, select OIDC - OpenID Connect.
    5. For Application type, choose Web Application.
    6. Enter a name for your custom application.
    7. Set the Grant Type to Authorization Code. If you want the token to be automatically refreshed, also check Refresh Token.
    8. Set the callback URL:
      • For desktop applications and headless machines, use http://localhost:33333 or another port number of your choice. The URI you set here becomes the CallbackURL property.
      • For web applications, set the callback URL to a trusted redirect URL. This URL is the web location the user returns to with the token that verifies that your application has been granted access.
    9. In the Assignments section, either select Limit access to selected groups and add a group, or skip group assignment for now.
    10. Save the OAuth application.
    11. The application's Client Id and Client Secret are displayed on the application's General tab. Record these for future use. You will use the Client Id to set the OAuthClientId and the Client Secret to set the OAuthClientSecret.
    12. Check the Assignments tab to confirm that all users who must access the application are assigned to the application.
    13. On the Okta API Scopes tab, select the scopes you wish to grant to the OAuth application. These scopes determine the data that the app has permission to read, so a scope for a particular view must be granted for the driver to have permission to query that view. To confirm the scopes required for each view, see the view-specific pages in Data Model < Views in the Help documentation.
  4. Click Save & Test
  5. Once authenticated, open the Permissions tab in the Okta connection and configure user-based permissions as required

Generate a Personal Access Token (PAT)

LangChain authenticates to Connect AI using an account email and a Personal Access Token (PAT). Creating separate PATs for each integration is recommended to maintain access control granularity.

  1. In Connect AI, select the Gear icon in the top-right to open Settings
  2. Under Access Tokens, select Create PAT
  3. Provide a descriptive name for the token and select Create
  4. Copy the token and store it securely. The PAT will only be visible during creation

With the Okta connection configured and a PAT generated, LangChain is prepared to connect to Okta data through the CData MCP server.

Note: You can also generate a PAT from LangChain in the Integrations section of Connect AI. Simply click Connect --> Create PAT to generate it.

Step 2: Connect to the MCP server in LangChain

To connect LangChain with CData Connect AI Remote MCP Server and use OpenAI (ChatGPT) for reasoning, you need to configure your MCP server endpoint and authentication values in a config.py file. These values allow LangChain to call the MCP server tools, while OpenAI handles the natural language reasoning.

  1. Create a folder for LangChain MCP
  2. Create two Python files within the folder: config.py and langchain.py
  3. In config.py, create a class Config to define your MCP server authentication and URL. You need to provide your Base64-encoded CData Connect AI username and PAT (obtained in the prerequisites):
     
    class Config: 
    
          MCP_BASE_URL = "https://mcp.cloud.cdata.com/mcp"   #MCP Server URL 
          MCP_AUTH = "base64encoded(EMAIL:PAT)"   #Base64 encoded Connect AI Email:PAT 
    

    Note: You can create the base64 encoded version of MCP_AUTH using any Base64 encoding tool.

  4. In langchain.py, set up your MCP server and MCP client to call the tools and prompts:
     
    """ 
    Integrates a LangChain ReAct agent with CData Connect AI MCP server. 
    The script demonstrates fetching, filtering, and using tools with an LLM for agent-based reasoning. 
    """ 
    
    import asyncio 
    from langchain_mcp_adapters.client import MultiServerMCPClient 
    from langchain_openai import ChatOpenAI 
    from langgraph.prebuilt import create_react_agent 
    from config import Config 
    
    async def main(): 
    
    # Initialize MCP client with one or more server URLs
    mcp_client = MultiServerMCPClient( 
      connections={ 
        "default": { # you can name this anything 
        "transport": "streamable_http", 
        "url": Config.MCP_BASE_URL, 
        "headers": {"Authorization": f"Basic {Config.MCP_AUTH}"}, 
        } 
      } 
    ) 
    
    # Load remote MCP tools exposed by the server 
    all_mcp_tools = await mcp_client.get_tools() 
    print("Discovered MCP tools:", [tool.name for tool in all_mcp_tools]) 
    
    # Create and run the ReAct style agent 
    llm = ChatOpenAI( 
      model="gpt-4o",  
      temperature=0.2, 
      api_key="YOUR_OPEN_API_KEY" #Use your OpenAI API Key here, this can be found here: https://platform.openai.com/ 
    ) 
    
    agent = create_react_agent(llm, all_mcp_tools) 
    
    user_prompt = "How many tables are available in Okta1?" #Change prompts as per need 
    print(f"
    User prompt: {user_prompt}") 
    
    # Send a prompt asking the agent to use the MCP tools 
    response = await agent.ainvoke( 
      { "messages": [{ "role": "user", "content": (user_prompt),}]} 
    ) 
    
    # Print out the agent's final response 
    final_msg = response["messages"][-1].content 
    print("Agent final response:", final_msg) 
    
    if __name__ == "__main__": 
    
    asyncio.run(main()) 
    

Step 3: Install the LangChain and LangGraph packages

Since this workflow uses LangChain together with CData Connect AI MCP and integrates OpenAI for reasoning, you need to install the required Python packages.

Run the following command in your project terminal:

 
pip install langchain-mcp-adapters langchain-openai langgraph 

Step 4: Prompt Okta using LangChain (via the MCP server)

  1. When the installation finishes, run python langchain.py to execute the script
  2. The script connects to the MCP server and discovers the CData Connect AI MCP tools available for querying your connected data
  3. Supply a prompt (e.g., "How many tables are available in Okta?")
  4. Accordingly, the agent responds with the results

Get CData Connect AI

To get live data access to hundreds of SaaS, Big Data, and NoSQL sources directly from your cloud applications, try CData Connect AI today!

Ready to get started?

Learn more about CData Connect AI or sign up for free trial access:

Free Trial