Retrieving user details in bulk

I am working on okta integration with my application using rest api.
My requirement is I need to get information about user such as profile info, connected groups, connected apps, assigned admin roles.

Currently, I am fetching information by below steps

  1. call /users endpoint to get userID
  2. call /users/uid/groups endpoint to get all groups connected to user
  3. call /users/uid/apps endpoint to get all apps connected to user
  4. call /users/uid/roles endpoint to get all roles assigned to the user

From above steps, I get all required information but it requires 3/4 calls which hits the performance of application.

Any way or suggestion to get above information in minimum calls or in less time?


1 Like

The Okta SDKs have a caching layer built in, this would allow you to minimize and speed up the calls.

You could also run calls 2-4 asynchronously.

Thanks @tom for reply

Can you please point me to any reference document about how the caching mechanism works in okta SDK?

I founddocumentation about how to create cache.

But I am interested in the details like what data cache is storing and how cached data reused?

You can specify what is cached like such:

     .withDefaultTimeToLive(300, TimeUnit.SECONDS) // default
     .withDefaultTimeToIdle(300, TimeUnit.SECONDS) //general default
     .withCache(forResource(Account.class) //Account-specific cache settings
         .withTimeToLive(1, TimeUnit.HOURS)
         .withTimeToIdle(30, TimeUnit.MINUTES))
     .withCache(forResource(Group.class) //Group-specific cache settings
         .withTimeToLive(2, TimeUnit.HOURS))

The cache will cache everything returned by okta under the key of the self-link. We need to be able to materialize the full objects with links.

How it is used is when the request executor is making a request to a resource, it can check the cache for an object with the can link (the self-link), before flighting a request to the okta service.

I hope this information helps!

Sounds good.
Just one question I saw there is a group called “Everyone” and every user created in okta is by default member of everyone group.

So is it a fair statement that every okta instance have everyone group which hold each and every user exists on okta? also is there any way to modify this settings?