Join Identity Data from Okta with Postgres Using Hasura Remote Joins

TL;DR

Use Hasura Remote Joins to join data from your Postgres database with user data in Okta.

This post is a part of our Remote Joins series. Remote Joins in Hasura allows you to join data across tables and remote data sources. Data Federation using Hasura Remote Joins is now available in v1.3.0 stable release.
Try it out on Hasura Cloud and let us know what you think!

Okta is a complete access management platform that provides secure identity management with Single Sign-On, Multi-factor Authentication, Lifecycle Management (Provisioning), and more. In a typical app, Okta is the gateway for connecting the app, devices and users via APIs.

In this example, we will make use of Okta's API to fetch user's data mapping it with the user id in Postgres.

Let's create a new table in Hasura called users with just id and created_at columns:

Adding Okta API as Remote Schema

To be able to query Okta data via Hasura, it needs to be added as a Remote Schema using the Hasura Console.

Deploy Custom Resolver

Add the following environment variables in the .env file on glitch.

OKTA_API_KEY=xxx
OKTA_DOMAIN=xxx
PORT=3000
  • Get the Okta API Key by visiting the create an API Token docs
  • Set the API key as OKTA_API_KEY environment variable.
  • Get the Okta Domain by visiting the following find your domain docs
  • We need to input the Okta Domain as OKTA_DOMAIN environment variable.
  • This custom resolver is used to accept a user's id as an argument and will return a data pertaining to that user.

Get the GraphQL API Endpoint from Glitch and add it as remote schema.

Now let's add the Remote Relationship called userInfo

Now let's create a user on Okta. For simplicity, we use the API directly instead of building a client app. Note that, you have to replace OKTA_API_KEY and OKTA_DOMAIN with the values generated above. Additionally you have to add profile details in the body of the request.

curl -X POST \
  'https://hasura.okta.com/api/v1/users?activate=true' \
  -H 'Authorization: SSWS OKTA_API_KEY’ \
  -H 'Content-Type: application/json' \
  -H 'Host: OKTA_DOMAIN’ \
  -d '{
  "profile": {
    "firstName": "",
    "lastName": "",
    "email": "",
    "login": ""
  },
  "credentials": {
    "password" : { "value": "" }
  }
}'

Once a user is created on Okta, let's add the user id into Hasura's users table.

Now the GraphQL query to fetch this data in a single API call would look like the following:

query {
  users {
    id
    created_at
    userInfo {
      email
      firstName
      lastName
      status
    }
  }
}

Notice that, the nested query userInfo comes from Okta API and it will apply the filter of users.id = userInfo.id, there by only giving data about the current user in Okta.

Checkout our other posts in the Remote Joins series.

Remote Joins opens up a lot of exciting use-cases and these boilerplates are simple examples to explore the possibilities. You can fork the original example to extend the functionality for your app's requirements.

Blog
27 Aug, 2019
Email
Subscribe to stay up-to-date on all things Hasura. One newsletter, once a month.
Loading...
v3-pattern
Accelerate development and data access with radically reduced complexity.