Skip to content

Allow configurable Okta service synchronization duration.#31170

Merged
mdwn merged 2 commits intomasterfrom
mike.wilson/okta-duration
Aug 30, 2023
Merged

Allow configurable Okta service synchronization duration.#31170
mdwn merged 2 commits intomasterfrom
mike.wilson/okta-duration

Conversation

@mdwn
Copy link
Copy Markdown
Contributor

@mdwn mdwn commented Aug 29, 2023

The time between Okta service synchronizations is now configurable. This will assist in slowing down Okta rate limits for users who have a significant number of Okta applications. The duration has been added to auth preference to allow users to tune this value when using the Okta plugin.

@github-actions github-actions Bot requested review from avatus and lxea August 29, 2023 19:11
zmb3
zmb3 reviewed Aug 29, 2023
View reviewed changes
Copy link
Copy Markdown
Collaborator

@zmb3 zmb3 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Just so I understand this right - suppose there are 1000 entities in Okta that get synced.

Wouldn't this change result in the following behavior:

  • write 1000 things to the backend in a short period of time
  • wait for some amount of time
  • repeat

If that's the case, won't we still experience throttling? Should we instead insert a delay in between each of the 1000 writes?

Comment thread api/proto/teleport/legacy/types/types.proto Outdated
@mdwn
Copy link
Copy Markdown
Contributor Author

mdwn commented Aug 29, 2023

Just so I understand this right - suppose there are 1000 entities in Okta that get synced.

Wouldn't this change result in the following behavior:

  • write 1000 things to the backend in a short period of time
  • wait for some amount of time
  • repeat

If that's the case, won't we still experience throttling? Should we instead insert a delay in between each of the 1000 writes?

This is for the Okta API throttling rather than the backend throttling. The backend is being throttled within the Okta service, limiting to roughly 5 writes per second FWIW.

zmb3
zmb3 reviewed Aug 30, 2023
View reviewed changes
Comment thread api/proto/teleport/legacy/types/types.proto Outdated
Allow configurable Okta service synchronization duration.
747471c 
The time between Okta service synchronizations is now configurable. This will
assist in slowing down Okta rate limits for users who have a significant
number of Okta applications. The duration has been added to auth preference
to allow users to tune this value when using the Okta plugin.
@mdwn mdwn force-pushed the mike.wilson/okta-duration branch from af95906 to 747471c Compare August 30, 2023 17:01
@mdwn mdwn enabled auto-merge August 30, 2023 17:01
r0mant
r0mant requested changes Aug 30, 2023
View reviewed changes
Comment thread api/proto/teleport/legacy/types/types.proto Outdated
@mdwn mdwn requested a review from r0mant August 30, 2023 18:24
@mdwn mdwn added this pull request to the merge queue Aug 30, 2023
Merged via the queue into master with commit 56b7c9a Aug 30, 2023
@mdwn mdwn deleted the mike.wilson/okta-duration branch August 30, 2023 19:35
@public-teleport-github-review-bot
Copy link
Copy Markdown

public-teleport-github-review-bot Bot commented Aug 30, 2023

@mdwn See the table below for backport results.

Branch Result
branch/v13 Failed
branch/v14 Create PR

This was referenced Aug 30, 2023
Merged
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@zmb3 zmb3 zmb3 left review comments

@r0mant r0mant r0mant approved these changes

@avatus avatus avatus approved these changes

+1 more reviewer

@lxea lxea lxea approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

size/sm

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

5 participants

@mdwn @r0mant @avatus @zmb3 @lxea