Query Okta Data as a SQL Server Database in Node.js
You can use CData Connect AI to query Okta data through a SQL Server interface. Follow the procedure below to create a virtual database for Okta in Connect AI and start querying using Node.js.
CData Connect AI provides a pure MySQL, cloud-to-cloud interface for Okta, allowing you to easily query live Okta data in Node.js — without replicating the data to a natively supported database. As you query data in Node.js, CData Connect AI pushes all supported SQL operations (filters, JOINs, etc) directly to Okta, leveraging server-side processing to quickly return Okta data.
Configure Okta Connectivity for NodeJS
Connectivity to Okta from NodeJS is made possible through CData Connect AI. To work with Okta data from NodeJS, we start by creating and configuring a Okta connection.
- Log into Connect AI, click Sources, and then click Add Connection
- Select "Okta" from the Add Connection panel
-
Enter the necessary authentication properties to connect to Okta.
To connect to Okta, set the Domain connection string property to your Okta domain.
You will use OAuth to authenticate with Okta, so you need to create a custom OAuth application.
Creating a Custom OAuth Application
From your Okta account:
- Sign in to your Okta developer edition organization with your administrator account.
- In the Admin Console, go to Applications > Applications.
- Click Create App Integration.
- For the Sign-in method, select OIDC - OpenID Connect.
- For Application type, choose Web Application.
- Enter a name for your custom application.
- Set the Grant Type to Authorization Code. If you want the token to be automatically refreshed, also check Refresh Token.
- Set the callback URL:
- For desktop applications and headless machines, use http://localhost:33333 or another port number of your choice. The URI you set here becomes the CallbackURL property.
- For web applications, set the callback URL to a trusted redirect URL. This URL is the web location the user returns to with the token that verifies that your application has been granted access.
- In the Assignments section, either select Limit access to selected groups and add a group, or skip group assignment for now.
- Save the OAuth application.
- The application's Client Id and Client Secret are displayed on the application's General tab. Record these for future use. You will use the Client Id to set the OAuthClientId and the Client Secret to set the OAuthClientSecret.
- Check the Assignments tab to confirm that all users who must access the application are assigned to the application.
- On the Okta API Scopes tab, select the scopes you wish to grant to the OAuth application. These scopes determine the data that the app has permission to read, so a scope for a particular view must be granted for the driver to have permission to query that view. To confirm the scopes required for each view, see the view-specific pages in Data Model < Views in the Help documentation.
- Click Save & Test
-
Navigate to the Permissions tab in the Add Okta Connection page and update the User-based permissions.
Add a Personal Access Token
When connecting to Connect AI through the REST API, the OData API, or the Virtual SQL Server, a Personal Access Token (PAT) is used to authenticate the connection to Connect AI. It is best practice to create a separate PAT for each service to maintain granularity of access.
- Click on the Gear icon () at the top right of the Connect AI app to open the settings page.
- On the Settings page, go to the Access Tokens section and click Create PAT.
-
Give the PAT a name and click Create.
- The personal access token is only visible at creation, so be sure to copy it and store it securely for future use.
With the connection configured and a PAT generated, you are ready to connect to Okta data from Node.js.
Query Okta from Node.js
The following example shows how to define a connection and execute queries to Okta with the SQL Server module. You will need the following information:
- server: tds.cdata.com
- port: 14333
- user: a Connect AI user (e.g. [email protected])
- password: the PAT for the above user
- database: The connection you configured for Okta (Okta1)
Connect to Okta data and start executing queries with the code below:
var sql = require('mssql')
var config = {
server: 'tds.cdata.com',
port: 14333,
user: '[email protected]', //update me
password: 'CONNECT_USER_PAT', //update me
options: {
encrypt: true,
database: 'Okta1'
}
}
sql.connect(config, err => {
if(err){
throw err ;
}
new sql.Request().query('SELECT * FROM Users', (err, result) => {
console.dir(result)
})
});
sql.on('error', err => {
console.log("SQL Error: " ,err);
})