Add Database data stores
Database based data stores can be used to augment application attribute data by accessing external database based data. During this task we will add a database based data store.
Steps
Add a Data Store
- Go to your Access Gateway Instance.
- Select the Settings tab.
- Click Data Stores.
- Click +.
- Click Sql Database to add an SQL database or LDAP Database to add an LDAP database.
Configure an SQL database data store
- When you create a data store for an SQL database, provide the following information in the Create New DataStore wizard:
Field Description Name Name used to identify the data store (for example,
My SQL Datastore).Driver Driver for the datastore. Select one of:
- MySQL/MariaDB
- PostgreSQL
- MSSQL Server
- OracleDB
HostName:Port Enter the FQDN and port for the database instance (for example, mysqlserver.example.com:3306).Database Name of the database (schema) in the database (for example, userDatabase).Username
Username to access the database (for example,
dbuser).Password
Password associated with Username.
Advanced Query Mode
Disabled: Specify the table name for example,
people). - Click Not Validated. Okta Access Gateway attempts to validate the connection. If successful, the label changes to Valid.
- Under Clause Conditions, add a Where clause that defines the join between the your Okta tenant and the database:
- Click +.
- In the new clause content dialog box, enter:
- Field: The database field to join with (for example, email).
-
Value: The IDP field to join against for example,
${email@idp}). This field can contain a fixed value or a reference to a field in a datastore. For example, ${fieldInIdP@idp}, where fieldInIdP represents the field from the IdP profile that's used to join against the table.
- Click Save (
). To add another data store, repeat the preceding steps. - Click Okay.
CAUTION:Fields used in the Where clause must be defined as attributes for the application. If the field isn't listed as an application attribute, a runtime error occurs. Attributes used exclusively in Where clauses should be marked as don't send. See Manage application attributes.
- Turn on the Active toggle to activate the data store.
Test a data store
- Click Simulate (
) in the row of the data store. - For each field in the Where clause, enter a value that matches the associated entry in the IdP.
- Click Test to run the simulation. Click Close to end.
- Check that the test returns the expected data from the data store for the given values.
Related topics