Join Identity Data from Okta with Postgres Using Hasura Remote Joins
TL;DR
Use Hasura Remote Joins to join data from your Postgres database with user data in Okta.
This post is a part of our Remote Joins series. Remote Joins in Hasura allows you to join data across tables and remote data sources. Data Federation using Hasura Remote Joins is now available in v1.3.0 stable release.
Try it out on Hasura Cloud and let us know what you think!
Okta is a complete access management platform that provides secure identity management with Single Sign-On, Multi-factor Authentication, Lifecycle Management (Provisioning), and more. In a typical app, Okta is the gateway for connecting the app, devices and users via APIs.
In this example, we will make use of Okta's API to fetch user's data mapping it with the user id in Postgres.
Let's create a new table in Hasura called users
with just id
and created_at
columns:
Adding Okta API as Remote Schema
To be able to query Okta data via Hasura, it needs to be added as a Remote Schema
using the Hasura Console.
Deploy Custom Resolver
Add the following environment variables in the .env
file on glitch.
OKTA_API_KEY=xxx
OKTA_DOMAIN=xxx
PORT=3000
- Get the Okta API Key by visiting the create an API Token docs
- Set the API key as
OKTA_API_KEY
environment variable. - Get the Okta Domain by visiting the following find your domain docs
- We need to input the Okta Domain as
OKTA_DOMAIN
environment variable. - This custom resolver is used to accept a user's id as an argument and will return a data pertaining to that user.
Get the GraphQL API Endpoint from Glitch and add it as remote schema.
Now let's add the Remote Relationship called userInfo
Now let's create a user on Okta. For simplicity, we use the API directly instead of building a client app. Note that, you have to replace OKTA_API_KEY and OKTA_DOMAIN with the values generated above. Additionally you have to add profile details in the body of the request.
curl -X POST \
'https://hasura.okta.com/api/v1/users?activate=true' \
-H 'Authorization: SSWS OKTA_API_KEY’ \
-H 'Content-Type: application/json' \
-H 'Host: OKTA_DOMAIN’ \
-d '{
"profile": {
"firstName": "",
"lastName": "",
"email": "",
"login": ""
},
"credentials": {
"password" : { "value": "" }
}
}'
Once a user is created on Okta, let's add the user id into Hasura's users
table.
Now the GraphQL query to fetch this data in a single API call would look like the following:
query {
users {
id
created_at
userInfo {
email
firstName
lastName
status
}
}
}
Notice that, the nested query userInfo
comes from Okta API and it will apply the filter of users.id = userInfo.id, there by only giving data about the current user in Okta.
Checkout our other posts in the Remote Joins series.
Remote Joins opens up a lot of exciting use-cases and these boilerplates are simple examples to explore the possibilities. You can fork the original example to extend the functionality for your app's requirements.