HOW TO CREATE an Authentication Scheme in Oracle APEX

Introduction
Creating a custom authentication scheme in Oracle APEX allows you to define how users are identified and validated when logging into your application. While APEX provides several preconfigured options, building your own scheme gives you full control over the login process. This is especially useful when integrating with custom user tables, external APIs, or internal security rules. Knowing how to create an authentication scheme is essential for tailoring login logic to your application's requirements.

How to Create an Authentication Scheme in Oracle APEX

1. Open Your Application

   • Log in to Oracle APEX

   • From the App Builder, open the application where you want to add a custom authentication scheme

2. Navigate to Authentication Schemes

   • Go to Shared Components

   • Under the Security section, click Authentication Schemes

3. Create a New Authentication Scheme

   • Click Create

   • You will be prompted to choose from the following types:

     • Based on a Preconfigured Scheme (e.g., APEX, LDAP, Social Sign-In)

     • Custom (for PL/SQL-based logic)

   • Select Custom and click Next

4. Define the Custom Scheme

   • Name your authentication scheme (e.g., Custom_User_Table_Auth)

   • Under Authentication Function, provide a PL/SQL function that returns TRUE if the login is successful:

     DECLARE
       l_valid NUMBER;
     BEGIN
       SELECT COUNT(*) INTO l_valid
       FROM app_users
       WHERE username = :USERNAME
         AND password = :PASSWORD;
       RETURN l_valid = 1;
     END;
     

   • You can also configure:

     • Post-Authentication Procedure

     • Session Timeout Behavior

     • Logout URL

   • Click Create Authentication Scheme

5. Make the Scheme Current

   • After creation, return to the Authentication Schemes page

   • Click on your custom scheme

   • Click Make Current to activate it for your application

6. Test the Login

   • Run the application and attempt login using the credentials from your custom source (e.g., a user table)

Authentication is the process of verifying a user's identity before granting access to an application. In Oracle APEX, authentication ensures that only authorized users can interact with the application based on the authentication method configured.

Authentication can be as simple as requiring a username and password or as complex as integrating with external identity providers using Single Sign-On (SSO), OAuth2, LDAP, or SAML. Once authenticated, Oracle APEX tracks the user session using the built-in substitution string APP_USER, which helps in session management and security enforcement throughout the application.

By configuring authentication schemes, developers can customize how users log in and how their identities are managed within the APEX environment.

Best Practices

• Store passwords securely using hashing (e.g., SHA-256)

• Use UPPER() or LOWER() functions to standardize usernames

• Always test new schemes in a development environment before pushing to production

• Name your schemes clearly to avoid confusion when managing multiple apps

• Keep your authentication logic simple and reusable

Oracle APEX Documentation
For detailed steps and examples, refer to the official documentation:
https://docs.oracle.com/en/database/oracle/apex/23.2/aeapp/creating-authentication-schemes.html

Conclusion
Creating a custom authentication scheme in Oracle APEX gives you full flexibility over how users log in to your application. Whether you’re using a custom user table or integrating with an external service, APEX provides the tools to build secure, reliable login logic. By following best practices and using the shared components efficiently, you ensure a secure and personalized experience for every user.