Natively Connect to Okta Data in PHP

Drop the CData ODBC Driver for Okta into your LAMP or WAMP stack to build Okta-connected Web applications. This article shows how to use PHP's ODBC built-in functions to connect to Okta data, execute queries, and output the results.

Using the CData ODBC Drivers on a UNIX/Linux Machine

The CData ODBC Drivers are supported in various Red Hat-based and Debian-based systems, including Ubuntu, Debian, RHEL, CentOS, and Fedora. There are also several libraries and packages that are required, many of which may be installed by default, depending on your system. For more information on the supported versions of Linux operating systems and the required libraries, please refer to the "Getting Started" section in the help documentation (installed and found online).

Installing the Driver Manager

Before installing the driver, check that your system has a driver manager. For this article, you will use unixODBC, a free and open source ODBC Driver manager that is widely supported.

For Debian-based systems like Ubuntu, you can install unixODBC with the APT package manager:

For systems based on Red Hat Linux, you can install unixODBC with yum or dnf:

The unixODBC driver manager reads information about drivers from an odbcinst.ini file and about data sources from an odbc.ini file. You can determine the location of the configuration files on your system by entering the following command into a terminal:

The output of the command will display the locations of the configuration files for ODBC data sources and registered ODBC drivers. User data sources can only be accessed by the user account whose home folder the odbc.ini is located in. System data sources can be accessed by all users. Below is an example of the output of this command:

Installing the Driver

You can download the driver in standard package formats: the Debian .deb package format or the .rpm file format. Once you have downloaded the file, you can install the driver from the terminal.

The driver installer registers the driver with unixODBC and creates a system DSN, which can be used later in any tools or applications that support ODBC connectivity.

For Debian-based systems like Ubuntu, run the following command with sudo or as root: $ dpkg -i /path/to/package.deb

For Red Hat systems or other systems that support .rpms, run the following command with sudo or as root: $ rpm -i /path/to/package.rpm

Once the driver is installed, you can list the registered drivers and defined data sources using the unixODBC driver manager:

List the Registered Driver(s)

List the Defined Data Source(s)

To use the CData ODBC Driver for Okta with unixODBC, ensure that the driver is configured to use UTF-16. To do so, edit the INI file for the driver (cdata.odbc.okta.ini), which can be found in the lib folder in the installation location (typically /opt/cdata/cdata-odbc-driver-for-okta), as follows:

cdata.odbc.okta.ini

Modifying the DSN

The driver installation predefines a system DSN. You can modify the DSN by editing the system data sources file (/etc/odbc.ini) and defining the required connection properties. Additionally, you can create user-specific DSNs that will not require root access to modify in $HOME/.odbc.ini.

To connect to Okta, set the Domain connection string property to your Okta domain.

You will use OAuth to authenticate with Okta, so you need to create a custom OAuth application.

Creating a Custom OAuth Application

From your Okta account:

1. Sign in to your Okta developer edition organization with your administrator account.
2. In the Admin Console, go to Applications > Applications.
3. Click Create App Integration.
4. For the Sign-in method, select OIDC - OpenID Connect.
5. For Application type, choose Web Application.
6. Enter a name for your custom application.
7. Set the Grant Type to Authorization Code. If you want the token to be automatically refreshed, also check Refresh Token.
8. Set the callback URL:
   • For desktop applications and headless machines, use http://localhost:33333 or another port number of your choice. The URI you set here becomes the CallbackURL property.
   • For web applications, set the callback URL to a trusted redirect URL. This URL is the web location the user returns to with the token that verifies that your application has been granted access.
9. In the Assignments section, either select Limit access to selected groups and add a group, or skip group assignment for now.
10. Save the OAuth application.
11. The application's Client Id and Client Secret are displayed on the application's General tab. Record these for future use. You will use the Client Id to set the OAuthClientId and the Client Secret to set the OAuthClientSecret.
12. Check the Assignments tab to confirm that all users who must access the application are assigned to the application.
13. On the Okta API Scopes tab, select the scopes you wish to grant to the OAuth application. These scopes determine the data that the app has permission to read, so a scope for a particular view must be granted for the driver to have permission to query that view. To confirm the scopes required for each view, see the view-specific pages in Data Model < Views in the Help documentation.

/etc/odbc.ini or $HOME/.odbc.ini

For specific information on using these configuration files, please refer to the help documentation (installed and found online).

Establish a Connection

Open the connection to Okta by calling the odbc_connect or odbc_pconnect methods. To close connections, use odbc_close or odbc_close_all.

Connections opened with odbc_connect are closed when the script ends. Connections opened with the odbc_pconnect method are still open after the script ends. This enables other scripts to share that connection when they connect with the same credentials. By sharing connections among your scripts, you can save system resources and queries execute faster.

Create Prepared Statements

Create prepared statements and parameterized queries with the odbc_prepare function.

Execute Queries

Execute prepared statements with odbc_execute.

Execute nonparameterized queries with odbc_exec.

Process Results

Access a row in the result set as an array with the odbc_fetch_array function.

Display the result set in an HTML table with the odbc_result_all function.

More Example Queries

You will find complete information on the SQL queries supported by the driver in the help documentation. The code examples above are Okta-specific adaptations of the PHP community documentation for all ODBC functions.