Okta <> Devise Ruby on Rails

Sandesh Bodake

In this article, I’m going to show you how to do Simple Authentication with Okta using Devise gem.

History

We are implementing Single Sign-on(SSO) for one of our clients’ projects at scalereal. So, we compared various Single Sign-on(SSO) providers such as AWS-Cognito, Auth0 and Okta eventually we decided to use Okta as it was most suitable for our needs.

What is Okta ??

It’s a SaaS product that provides cloud software that helps companies manage and secure user authentication into modern applications, and for developers to build identity controls into applications, website web services and devices.

Before going ahead create a developer account on Okta

Basic flow okta with devise appBasic flow okta with devise app

This is the basic flow of our rails app. we are moving step by step to integrate okata to a rails application

1. Create a Rails App with PostgreSQL or MySQL

rails new your_app_name -T -d postgresql

2. Add following gem to Gemfile

we are going to use omniauth-oktaoauth for Strategy to authenticate with Okta via OAuth2 in OmniAuth, activerecord-session_store for handling sessions and devise for handling login scenarios.

Then Run command bundle install


3. Install Devise

$ rails generate devise:install

At this point, a number of instructions will appear in the console. Among these instructions, you’ll need to set up the default URL options for the Devise mailer in each environment. Here is a possible configuration for config/environments/development.rb

config.action_mailer.default_url_options = { host: 'localhost', port: 3000 }

Now, create a model rails generate devise User Add few columns to users table,

rails g migration AddOminiauthToUsers provider:index uid:index

Before migrating database, create a table active_record session migration

rails g active_record:session_migration

Great, we added all the necessary things, Now fire rake db:migrate

4. Build Authentication

Next, create a config/application.yaml file to populate all necessary environment variables.

bundle exec figaro install

Once your Okta account has been created, you’ll need to copy some Okta values into environment variables for Rails to use. Edit the newly generated config/application.yml and add the following values from your Okta tenant.

Once you are done with adding Okta environment variables, let’s add it to our Devise. Edit devise.rb and configure omniauth authentication

Now we should able to connect Devise to Okta.

5. Make Application Working

So up-to this we configure devise with Okta, Now Let’s make our application working.

Create users/ominiauth_callbacks_controller.rb

In this, we are handling sessions and handling env[“omniauth.auth”] which is having Okta credentials.

And then add method from_omniauth in user.rb model

Make sure you are adding Devise with omniauthable with provider oktaoauth

Edit routes.rb like below

Basically I create home_controller.rb for root index,

well user_is_logged_in? the method is missing ?? write that method in application_controller.rb

Now if you start server localhost:3000 you should redirect to Okta login screen like below.

After login, it’ll redirect to OKTA_REDIRECT_URI and the session will be created.

We have successfully implemented Okta with Devise Gem. If you lost somewhere please refer my GitHub repo here


At Scalereal We believe in Sharing and Open Source.

So, If you found this helpful please give some claps 👏 and share it with everyone.

Sharing is Caring!

Thank you ;)