Join Identity Data from Okta with Postgres Using Hasura Remote Joins

hasurahq_staff

Hasura

Posted on December 23, 2019

Join Identity Data from Okta with Postgres Using Hasura Remote Joins

TL;DR

Use Hasura Remote Joins to join data from your Postgres database with user data in Okta.

This post is a part of our Remote Joins (available in preview) series. Remote Joins in Hasura allows you to join data across tables and remote data sources. You can sign up here if you'd like to be notified when we launch. Head to the PR to check out more details, read the preview docs, and to try out a test Hasura image that you can spin up. Jump on our discord or comment on github and let us know what you think!

Okta is a complete access management platform that provides secure identity management with Single Sign-On, Multi-factor Authentication, Lifecycle Management (Provisioning), and more. In a typical app, Okta is the gateway for connecting the app, devices and users via APIs.

In this example, we will make use of Okta's API to fetch user's data mapping it with the user id in Postgres.

Let's create a new table in Hasura called users with just id and created_at columns:

Adding Okta API as Remote Schema

To be able to query Okta data via Hasura, it needs to be added as a Remote Schema using the Hasura Console.

Deploy Custom Resolver

Add the following environment variables in the .env file on glitch.

OKTA_API_KEY=xxx
OKTA_DOMAIN=xxx
PORT=3000
Enter fullscreen mode Exit fullscreen mode
  • Get the Okta API Key by visting the create an API Token docs
  • Set the API key as OKTA_API_KEY environment variable.
  • Get the Okta Domain by visiting the following find your domain docs
  • We need to input the Okta Domain as OKTA_DOMAIN environment variable.
  • This custom resolver is used to accept a user's id as an argument and will return a data pertaining to that user.

Get the GraphQL API Endpoint from Glitch and add it as remote schema.

Now let's add the Remote Relationship called userInfo

Now let's create a user on Okta. For simplicity, we use the API directly instead of building a client app. Note that, you have to replace OKTA_API_KEY and OKTA_DOMAIN with the values generated above. Additionally you have to add profile details in the body of the request.

curl -X POST \
  'https://hasura.okta.com/api/v1/users?activate=true' \
  -H 'Authorization: SSWS OKTA_API_KEY’ \
  -H 'Content-Type: application/json' \
  -H 'Host: OKTA_DOMAIN’ \
  -d '{
  "profile": {
    "firstName": "",
    "lastName": "",
    "email": "",
    "login": ""
  },
  "credentials": {
    "password" : { "value": "" }
  }
}'
Enter fullscreen mode Exit fullscreen mode

Once a user is created on Okta, let's add the user id into Hasura's users table.

Now the GraphQL query to fetch this data in a single API call would look like the following:

query {
  users {
    id
    created_at
    userInfo {
      email
      firstName
      lastName
      status
    }
  }
}
Enter fullscreen mode Exit fullscreen mode

Notice that, the nested query userInfo comes from Okta API and it will apply the filter of users.id = userInfo.id, there by only giving data about the current user in Okta.

Checkout our other posts in the Remote Joins series.

Remote Joins opens up a lot of exciting usecases and these boilerplates are simple examples to explore the possibilities. You can fork the original example to extend the functionality for your app's requirements.

💖 💪 🙅 🚩
hasurahq_staff
Hasura

Posted on December 23, 2019

Join Our Newsletter. No Spam, Only the good stuff.

Sign up to receive the latest update from our blog.

Related