How To Create an Authentication Scheme in Oracle APEX

Introduction
Creating an authentication scheme in Oracle APEX is essential for controlling how users access your application. An authentication scheme defines the process of verifying user identities during login. While APEX offers several preconfigured schemes, creating a custom authentication scheme allows you to tailor user validation to specific business needs, such as integrating with custom user tables or external systems.

How to Create an Authentication Scheme in Oracle APEX

1. Open Your Application
   Log in to Oracle APEX and open the application where you want to add the authentication scheme.

2. Access Authentication Schemes
   Navigate to Shared Components and select Authentication Schemes under the Security section.

3. Create a New Authentication Scheme
   Click Create and choose the type of scheme you want to create. For custom logic, select Custom authentication.

4. Define the Authentication Logic
   Provide a name for your scheme (e.g., Custom_Auth). Then, write the PL/SQL code that validates the user credentials. A simple example:

   DECLARE
     l_count NUMBER;
   BEGIN
     SELECT COUNT(*) INTO l_count
     FROM users
     WHERE username = :USERNAME
       AND password = :PASSWORD;
     RETURN l_count = 1;
   END;
   

   This code checks if the username and password exist in the users table.

5. Configure Additional Settings
   Set options like post-login and post-logout behavior, session timeout, and other preferences.

6. Make the Scheme Current
   After saving, select your new scheme and click Make Current to activate it.

7. Test the Authentication Scheme
   Run your application and verify that login works as expected with your authentication logic.

In Oracle APEX, an authentication scheme controls how users log in to an application. To associate an authentication scheme with an application, you must create one in the Shared Components section.

Steps to Create an Authentication Scheme

1. Open the App Builder

• Log in to your Oracle APEX workspace.

• Click on App Builder to view your applications.

2. Select an Application

• Click on the application where you want to set up authentication.

• This will take you to the application's home page.

3. Navigate to Authentication Schemes

• Click on Shared Components under the application menu.

• Under the Security section, select Authentication Schemes.

4. Create a New Authentication Scheme

• Click Create to add a new authentication scheme.

• Choose one of the predefined authentication schemes or create a custom one.

5. Select the Authentication Type

• Oracle APEX offers several authentication methods, including: 

• APEX Accounts – Uses Oracle APEX workspace credentials.

• Database Accounts – Uses database schema user credentials.

• LDAP Directory – Connects to an LDAP authentication server.

• Social Sign-In – Supports authentication via Google, Facebook, or other OpenID Connect/OAuth2 providers.

• Custom Authentication – Allows you to define your own authentication logic using PL/SQL.

6. Configure Authentication Settings

• Depending on the authentication type selected, provide the necessary credentials, URLs, or connection details.

• If using Custom Authentication, enter the PL/SQL function or process that validates users.

7. Save and Set as Current

• Click Create Authentication Scheme to save it.

• To enable this authentication scheme for the application, click Make Current.

8. Test the Authentication Scheme

• Run your application and attempt to log in to verify that authentication works as expected.

By following these steps, you can successfully create and configure an authentication scheme in Oracle APEX, ensuring secure access to your application.

Best Practices

• Always store passwords securely using hashing algorithms rather than plain text.

• Use consistent case (upper or lower) when comparing usernames to avoid mismatches.

• Test your authentication scheme thoroughly in a development environment before deploying to production.

• Name authentication schemes clearly for easy identification.

• Combine authentication with authorization schemes to control user access within your app.

Oracle APEX Documentation
For more detailed information, visit the official Oracle APEX documentation on authentication schemes:
https://docs.oracle.com/en/database/oracle/apex/23.2/aeapp/creating-authentication-schemes.html

Conclusion
Creating a custom authentication scheme in Oracle APEX provides flexibility and control over user access to your application. By defining your own validation logic, you can integrate with various user management systems and tailor authentication to your specific requirements. Following best practices ensures your scheme is secure, reliable, and maintainable as your application grows.

HOW TO CREATE an Authentication Scheme in Oracle APEX

Introduction
Creating a custom authentication scheme in Oracle APEX allows you to define how users are identified and validated when logging into your application. While APEX provides several preconfigured options, building your own scheme gives you full control over the login process. This is especially useful when integrating with custom user tables, external APIs, or internal security rules. Knowing how to create an authentication scheme is essential for tailoring login logic to your application's requirements.

How to Create an Authentication Scheme in Oracle APEX

1. Open Your Application

   • Log in to Oracle APEX

   • From the App Builder, open the application where you want to add a custom authentication scheme

2. Navigate to Authentication Schemes

   • Go to Shared Components

   • Under the Security section, click Authentication Schemes

3. Create a New Authentication Scheme

   • Click Create

   • You will be prompted to choose from the following types:

     • Based on a Preconfigured Scheme (e.g., APEX, LDAP, Social Sign-In)

     • Custom (for PL/SQL-based logic)

   • Select Custom and click Next

4. Define the Custom Scheme

   • Name your authentication scheme (e.g., Custom_User_Table_Auth)

   • Under Authentication Function, provide a PL/SQL function that returns TRUE if the login is successful:

     DECLARE
       l_valid NUMBER;
     BEGIN
       SELECT COUNT(*) INTO l_valid
       FROM app_users
       WHERE username = :USERNAME
         AND password = :PASSWORD;
       RETURN l_valid = 1;
     END;
     

   • You can also configure:

     • Post-Authentication Procedure

     • Session Timeout Behavior

     • Logout URL

   • Click Create Authentication Scheme

5. Make the Scheme Current

   • After creation, return to the Authentication Schemes page

   • Click on your custom scheme

   • Click Make Current to activate it for your application

6. Test the Login

   • Run the application and attempt login using the credentials from your custom source (e.g., a user table)

Authentication is the process of verifying a user's identity before granting access to an application. In Oracle APEX, authentication ensures that only authorized users can interact with the application based on the authentication method configured.

Authentication can be as simple as requiring a username and password or as complex as integrating with external identity providers using Single Sign-On (SSO), OAuth2, LDAP, or SAML. Once authenticated, Oracle APEX tracks the user session using the built-in substitution string APP_USER, which helps in session management and security enforcement throughout the application.

By configuring authentication schemes, developers can customize how users log in and how their identities are managed within the APEX environment.

Best Practices

• Store passwords securely using hashing (e.g., SHA-256)

• Use UPPER() or LOWER() functions to standardize usernames

• Always test new schemes in a development environment before pushing to production

• Name your schemes clearly to avoid confusion when managing multiple apps

• Keep your authentication logic simple and reusable

Oracle APEX Documentation
For detailed steps and examples, refer to the official documentation:
https://docs.oracle.com/en/database/oracle/apex/23.2/aeapp/creating-authentication-schemes.html

Conclusion
Creating a custom authentication scheme in Oracle APEX gives you full flexibility over how users log in to your application. Whether you’re using a custom user table or integrating with an external service, APEX provides the tools to build secure, reliable login logic. By following best practices and using the shared components efficiently, you ensure a secure and personalized experience for every user.