Integrate Data Stores




Add a database based Data Store

  1. Navigate to your Access Gateway Instance.
  2. Select the Settings tab.
  3. Select the Data Stores pane.
  4. Select (+) > Sql Database.

Configure The Data Store

After you select Sql Database, the Create New Data Store wizard starts, initialized for database creation.

  1. Enter the following details:
    Name - Name used to identify the data store. Example: My SQL Datastore

    Driver for datastore. Choose one of:

    • MySQL/MariaDB
    • PostgreSQL
    • MSSQL Server
    • OracleDB

    HostName:Port - Enter the FQDN and port for the database.

    Database - Name of the database (schema) within the database. Example: userDatabase

    Username to access the database.

    Password associated with Username.

    Advanced Query Mode
    Disabled: Specify the table name.


  2. Click the Not Validated button when complete.
    Okta Access Gateway will validate the connection to the database.
    On success the button will turn green and show that the connection is valid.
  3. Add Where Clause:
    The where clause defines the join between your Okta tenant and the database.
    1. Click the (+) button.
    2. In the new clause content dialog enter:


      Field - The database field to join with.

      Value - The IdP field to join against.




      The Value field can contain a fixed value or a reference to a field within a data store. The most common use is ${fieldInIdP@idp}, where fieldInIdP is the field used to join against the table and is one of the fields available in the IdP profile.

    3. Click Save when complete.
      Repeat as required.
    4. Click Okay to save the data store definition.


    Fields used in the where clause MUST be defined as attributes for the application. If a field is not listed as an application attribute, an error will result.

  4. Activate the datastore.
    Data stores are created disabled by default. Activate the data store by changing the Active toggle from inactive to active.
  5. Test the datasource.
    1. In the row containing the data store, click the test button.
    2. In the Value field enter a value which will be matched in the where clause of the data store.
      For example, if matching on email enter a valid email address such as homer.simpson@springfield.org.
    3. Click Test.
    4. On success the data store test will display content in the loaded data section of the test dialog.
      If no matches are found the dialog will display no information.
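
A simplified model of the where-clause join and the test step above, as an added example (not Okta Access Gateway code). It assumes equality clauses combined with AND, uses an in-memory SQLite table with constructed rows in place of the real driver, and binds resolved values as query parameters so a profile value is only ever compared as data; the function names and the users table are hypothetical.

```python
import re
import sqlite3

# Matches a data-store reference such as ${email@idp}.
REF = re.compile(r"^\$\{(\w+)@(\w+)\}$")
IDENT = re.compile(r"^[A-Za-z_][A-Za-z0-9_]*$")


def resolve(value, profiles):
    """Return the literal to compare against: a fixed value or a referenced field."""
    m = REF.match(value)
    if not m:
        return value  # fixed value
    field, store = m.groups()
    try:
        return profiles[store][field]
    except KeyError:
        raise LookupError(f"{field}@{store} is not a defined attribute") from None


def lookup(conn, table, clauses, profiles):
    """Model of the join (assumed AND-ed equality): WHERE f1 = ? AND f2 = ?"""
    if not clauses:
        raise ValueError("at least one where clause is required")
    for name in [table, *(f for f, _ in clauses)]:
        if not IDENT.match(name):  # identifiers cannot be bound, so allow-list them
            raise ValueError(f"invalid identifier: {name!r}")
    where = " AND ".join(f"{f} = ?" for f, _ in clauses)
    params = [resolve(v, profiles) for _, v in clauses]
    cur = conn.execute(f"SELECT * FROM {table} WHERE {where}", params)
    cols = [c[0] for c in cur.description]
    return [dict(zip(cols, row)) for row in cur.fetchall()]


def demo_db():
    """Constructed sample table standing in for userDatabase."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (email TEXT, department TEXT, status TEXT)")
    conn.executemany("INSERT INTO users VALUES (?, ?, ?)", [
        ("homer.simpson@springfield.org", "Sector 7G", "active"),
        ("lenny@springfield.org", "Sector 7G", "inactive"),
    ])
    return conn


if __name__ == "__main__":
    idp = {"idp": {"email": "homer.simpson@springfield.org"}}
    clauses = [("email", "${email@idp}"), ("status", "active")]
    print(lookup(demo_db(), "users", clauses, idp))
```

An empty result list corresponds to the test dialog showing no information.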

Define Data Store based Application Attributes

  1. Select the Applications tab.
  2. In the row containing the previously created application, click the edit button.
  3. Select the Attributes pane.
  4. Click the add attribute button.
    Note you may need to scroll the window down to see the new attribute display.
  5. Add an attribute with the following values:
    Data Source - Select the newly added data store.
    Field - Select one of the fields from the data store.
    This is the source element.
    Name - Select the name of the field.
    This is the target in the Header, Cookie, etc.

    Repeat as required.
  6. Click Okay.
  7. Click Done.

Test the application

  1. In the row containing the application, click Goto > SP Initiated.
  2. Log in to your Okta tenant using a valid account.
  3. Examine the results of the test for the newly added data store based field and ensure the returned value is correct.