Add Database data stores

Database-based data stores can augment application attribute data with data from an external database.
In this task, you add a database-based data store.

Steps

Add a data store

  1. Go to your Access Gateway Instance.
  2. Select the Settings tab.
  3. Click Data Stores.
  4. Click +.
  5. Click Sql Database to add an SQL database or LDAP Database to add an LDAP database.

Configure an SQL database data store

  1. When you create a data store for an SQL database, provide the following information in the Create New DataStore wizard:
    • Name - Name used to identify the data store (for example, My SQL Datastore).
    • Driver - Driver for the data store. Select one of:
      • MySQL/MariaDB
      • PostgreSQL
      • MSSQL Server
      • OracleDB
    • HostName:Port - Enter the FQDN and port for the database instance (for example, mysqlserver.example.com:3306).
    • Database - Name of the database (schema) in the database (for example, userDatabase).
    • Username - Username to access the database (for example, dbuser).
    • Password - Password associated with Username.
    • Advanced Query Mode - Disabled: Specify the table name (for example, people).

  2. Click Not Validated. Okta Access Gateway attempts to validate the connection. If successful, the label changes to Valid.
  3. Under Clause Conditions, add a Where clause that defines the join between your Okta tenant and the database:
    1. Click +.
    2. In the new clause content dialog box, enter:
      • Field: The database field to join with (for example, email).
      • Value: The IdP field to join against (for example, ${email@idp}). This field can contain a fixed value or a reference to a field in a datastore. For example, ${fieldInIdP@idp}, where fieldInIdP represents the field from the IdP profile that's used to join against the table.
    3. Click Save. To add another data store, repeat the preceding steps.
    4. Click Okay.

    Fields used in the Where clause must be defined as attributes for the application. If the field isn't listed as an application attribute, a runtime error occurs. Attributes used exclusively in Where clauses should be marked as don't send. See Manage application attributes.

  4. Turn on the Active toggle to activate the data store.

Test a data store

  1. Click Simulate in the row of the data store.
  2. For each field in the Where clause, enter a value that matches the associated entry in the IdP.
  3. Click Test to run the simulation. Click Close to end.
  4. Check that the test returns the expected data from the data store for the given values.
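
The Where clause join and the simulation check described above can be rehearsed offline against a copy of the table. The following is an added example, not Okta's code and not part of the original page: it assumes multiple clauses are combined with AND, uses an in-memory SQLite table named people with constructed rows, and the helper names resolve, lookup and demo_db are hypothetical.

```python
import re
import sqlite3

# ${field@idp} is the reference syntax shown on this page; anything else is a fixed value.
REF = re.compile(r"^\$\{(\w+)@idp\}$")
IDENT = re.compile(r"^[A-Za-z_]\w*$")  # table/column names cannot be bound, so allow-list them


def resolve(value, idp_profile):
    """Return the literal to bind for one clause Value (fixed value or IdP reference)."""
    m = REF.match(value)
    if not m:
        return value  # fixed value
    if m.group(1) not in idp_profile:  # stand-in for the runtime error on an undefined attribute
        raise KeyError(f"IdP attribute {m.group(1)!r} is not defined")
    return idp_profile[m.group(1)]


def lookup(conn, table, clauses, idp_profile):
    """Run the join; clauses is a list of (database field, Value) pairs, ANDed (assumption)."""
    for name in [table] + [f for f, _ in clauses]:
        if not IDENT.match(name):
            raise ValueError(f"unsafe identifier: {name!r}")
    where = " AND ".join(f"{f} = ?" for f, _ in clauses)
    params = [resolve(v, idp_profile) for _, v in clauses]
    cur = conn.execute(f"SELECT * FROM {table} WHERE {where}", params)
    cols = [c[0] for c in cur.description]
    return [dict(zip(cols, row)) for row in cur.fetchall()]


def demo_db():
    """Constructed sample data: a people table with one duplicated email."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE people (email TEXT, dept TEXT, status TEXT)")
    conn.executemany("INSERT INTO people VALUES (?, ?, ?)", [
        ("alice@example.com", "finance", "active"),
        ("bob@example.com", "it", "active"),
        ("bob@example.com", "it-admin", "active"),  # ambiguous join key
    ])
    return conn


if __name__ == "__main__":
    db = demo_db()
    clauses = [("email", "${email@idp}"), ("status", "active")]
    for user in ("alice@example.com", "bob@example.com", "carol@example.com"):
        rows = lookup(db, "people", clauses, {"email": user})
        print(user, "->", len(rows), "row(s)", rows)
```

A value that returns more than one row, as bob@example.com does here, indicates that the join field is not unique in the table.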