Query Okta Data as a SQL Server Database in Node.js

Jerod Johnson
Jerod Johnson
Director, Technology Evangelism
Execute SQL Server queries against Okta data from Node.js.

You can use CData Connect AI to query Okta data through a SQL Server interface. Follow the procedure below to create a virtual database for Okta in Connect AI and start querying using Node.js.

CData Connect AI provides a pure MySQL, cloud-to-cloud interface for Okta, allowing you to easily query live Okta data in Node.js — without replicating the data to a natively supported database. As you query data in Node.js, CData Connect AI pushes all supported SQL operations (filters, JOINs, etc) directly to Okta, leveraging server-side processing to quickly return Okta data.

Configure Okta Connectivity for NodeJS

Connectivity to Okta from NodeJS is made possible through CData Connect AI. To work with Okta data from NodeJS, we start by creating and configuring a Okta connection.

  1. Log into Connect AI, click Sources, and then click Add Connection
  2. Adding a Connection
  3. Select "Okta" from the Add Connection panel
  4. Selecting a data source
  5. Enter the necessary authentication properties to connect to Okta.

    To connect to Okta, set the Domain connection string property to your Okta domain.

    You will use OAuth to authenticate with Okta, so you need to create a custom OAuth application.

    Creating a Custom OAuth Application

    From your Okta account:

    1. Sign in to your Okta developer edition organization with your administrator account.
    2. In the Admin Console, go to Applications > Applications.
    3. Click Create App Integration.
    4. For the Sign-in method, select OIDC - OpenID Connect.
    5. For Application type, choose Web Application.
    6. Enter a name for your custom application.
    7. Set the Grant Type to Authorization Code. If you want the token to be automatically refreshed, also check Refresh Token.
    8. Set the callback URL:
      • For desktop applications and headless machines, use http://localhost:33333 or another port number of your choice. The URI you set here becomes the CallbackURL property.
      • For web applications, set the callback URL to a trusted redirect URL. This URL is the web location the user returns to with the token that verifies that your application has been granted access.
    9. In the Assignments section, either select Limit access to selected groups and add a group, or skip group assignment for now.
    10. Save the OAuth application.
    11. The application's Client Id and Client Secret are displayed on the application's General tab. Record these for future use. You will use the Client Id to set the OAuthClientId and the Client Secret to set the OAuthClientSecret.
    12. Check the Assignments tab to confirm that all users who must access the application are assigned to the application.
    13. On the Okta API Scopes tab, select the scopes you wish to grant to the OAuth application. These scopes determine the data that the app has permission to read, so a scope for a particular view must be granted for the driver to have permission to query that view. To confirm the scopes required for each view, see the view-specific pages in Data Model < Views in the Help documentation.
    Configuring a connection (Salesforce is shown)
  6. Click Save & Test
  7. Navigate to the Permissions tab in the Add Okta Connection page and update the User-based permissions. Updating permissions

Add a Personal Access Token

When connecting to Connect AI through the REST API, the OData API, or the Virtual SQL Server, a Personal Access Token (PAT) is used to authenticate the connection to Connect AI. It is best practice to create a separate PAT for each service to maintain granularity of access.

  1. Click on the Gear icon () at the top right of the Connect AI app to open the settings page.
  2. On the Settings page, go to the Access Tokens section and click Create PAT.
  3. Give the PAT a name and click Create. Creating a new PAT
  4. The personal access token is only visible at creation, so be sure to copy it and store it securely for future use.

With the connection configured and a PAT generated, you are ready to connect to Okta data from Node.js.

Query Okta from Node.js

The following example shows how to define a connection and execute queries to Okta with the SQL Server module. You will need the following information:

  • server: tds.cdata.com
  • port: 14333
  • user: a Connect AI user (e.g. [email protected])
  • password: the PAT for the above user
  • database: The connection you configured for Okta (Okta1)

Connect to Okta data and start executing queries with the code below:

var sql = require('mssql')
var config = {
	server: 'tds.cdata.com',
	port: 14333, 
	user: '[email protected]', //update me
	password: 'CONNECT_USER_PAT', //update me	
	options: {
		encrypt: true,
		database: 'Okta1'
	}
}

sql.connect(config, err => { 
    if(err){
        throw err ;
    }
    new sql.Request().query('SELECT * FROM Users', (err, result) => {
        console.dir(result)
    })
        
});

sql.on('error', err => {
    console.log("SQL Error: " ,err);
})

Ready to get started?

Learn more about CData Connect AI or sign up for free trial access:

Free Trial