Oracle APEX application can be authenticated using an authentication scheme. The authentication process requires that a user provides some type of credentials such as username and password. Once credentials are verified, application access is given to users.
Once a user has been identified, the Oracle APEX engine keeps track of each user by setting the value of the built-in substitution string APP_USER. As a user navigates from page to page, the APEX engine sets the value of APP_USER to identify the user. The APEX engine uses APP_USER as one component of a key for tracking each user’s session state.
We can refer logged in user in PLSQL package using v(‘APP_USER’).
The above page represents a log in page in Oracle APEX.
Oracle APEX always created page number 9999 as a log in page in each application.
Oracle APEX application provides different authentication schemes which we can use.
Let us see all authentication schemes one by one:
Navigation for authentication schemes:
Shared components —->Security —>Authentication Schemes.
Click on Authentication Schemes.
When we create Oracle APEX application, default authentication scheme with name as “Oracle APEX accounts” is created.
With this authentication scheme, APEX application validates log in users with APEX account user. We can set up different user accounts from Manage Users and groups option under Administration as shown below:
This will create users at APEX account level and can be used to login to APEX application when we select “Oracle APEX accounts” as our current authentication scheme.
We can also create our own authentication scheme and use it for authenticating APEX application.
Create Custom Authentication Scheme:
We can also create our own authentication scheme.
Click on the Create button.
Click on Next.
Each authentication scheme is associated with scheme Type.
We are having below scheme types available in oracle APEX.
-
Builder Extension Sign-in:
The Builder Extension Sign-in Authentication Scheme enables users to open the Extension app from a APEX session without having to sign-in again with a username and password. Use this authentication scheme with Builder Extension apps published from a workspace that has been configured to host and publish Builder Extension apps.
-
Custom:
Custom authentication enables users to log in to APEX application with username and password stored in custom database table. This will provide complete control over the authentication interface.
-
Database Accounts:
Database Account Credentials requires that a database user (schema) exist in the local database. This authentication method uses the database account username and password to authenticate the user.
-
HTTP Header Variable:
HTTP Header Variable supports the use of header variables to identify a user and to create an Oracle APEX user session. Use HTTP Header Variable authentication scheme if your company employs a centralized web authentication solution like Oracle Access Manager which provides single sign-on across applications and technologies. User credential verification is performed by these systems, and they pass the user’s name to APEX using a HTTP header variable such as “REMOTE_USER” (which is the default).
-
LDAP Directory:
With LDAP directory, we can authenticate users and password with authentication request to a LDAP request.
-
No Authentication:
With no authentication, we can login to APEX application without credentials. We can define username while creating a No authentication scheme. If we don’t specify, APEX uses database session user (APEX_PUBLIC_USER).
-
Open Door Credentials:
With this authentication type, anyone can access APEX application using login page that captures a username.
-
Oracle APEX Accounts:
With this authentication scheme, APEX application validates log in users with APEX account user. We can set up different user accounts from Manage Users and groups option under Administration.
-
Social Sign-in:
We can use social networks like Google, Facebook, and other social networks and enterprise identity providers that support OpenID Connect or OAuth2 standards for authenticating APEX applications.
