Retrieving user details in bulk

prasad_g_parab · February 20, 2018, 11:33am

Hi
I am working on okta integration with my application using rest api.
My requirement is I need to get information about user such as profile info, connected groups, connected apps, assigned admin roles.

Currently, I am fetching information by below steps

call /users endpoint to get userID
call /users/uid/groups endpoint to get all groups connected to user
call /users/uid/apps endpoint to get all apps connected to user
call /users/uid/roles endpoint to get all roles assigned to the user

From above steps, I get all required information but it requires 3/4 calls which hits the performance of application.

Any way or suggestion to get above information in minimum calls or in less time?

Regards,
Prasad

tom · February 20, 2018, 10:10pm

The Okta SDKs have a caching layer built in, this would allow you to minimize and speed up the calls.

You could also run calls 2-4 asynchronously.

prasad_g_parab · February 21, 2018, 6:48am

Thanks @tom for reply

Can you please point me to any reference document about how the caching mechanism works in okta SDK?

I founddocumentation about how to create cache.

But I am interested in the details like what data cache is storing and how cached data reused?

tom · February 21, 2018, 9:25pm

You can specify what is cached like such:

Caches.newCacheManager()
     .withDefaultTimeToLive(300, TimeUnit.SECONDS) // default
     .withDefaultTimeToIdle(300, TimeUnit.SECONDS) //general default
     .withCache(forResource(Account.class) //Account-specific cache settings
         .withTimeToLive(1, TimeUnit.HOURS)
         .withTimeToIdle(30, TimeUnit.MINUTES))
     .withCache(forResource(Group.class) //Group-specific cache settings
         .withTimeToLive(2, TimeUnit.HOURS))

The cache will cache everything returned by okta under the key of the self-link. We need to be able to materialize the full objects with links.

How it is used is when the request executor is making a request to a resource, it can check the cache for an object with the can link (the self-link), before flighting a request to the okta service.

I hope this information helps!

prasad_g_parab · February 23, 2018, 5:44am

Sounds good.
Just one question I saw there is a group called “Everyone” and every user created in okta is by default member of everyone group.

So is it a fair statement that every okta instance have everyone group which hold each and every user exists on okta? also is there any way to modify this settings?

system · January 12, 2024, 9:36pm

This topic was automatically closed 24 hours after the last reply. New replies are no longer allowed.