Set Up Custom Authentication

Introduction
Setting up custom authentication in Oracle APEX enables you to implement your own login logic tailored to specific application needs. This is ideal when the built-in authentication options do not fit your requirements, such as integrating with external user stores, applying unique security rules, or supporting multi-factor authentication. Custom authentication gives you full control over how users are verified before gaining access.

How to Set Up Custom Authentication in Oracle APEX

1. Open Your Application
   Log in to Oracle APEX and open the application where you want to configure custom authentication.

2. Navigate to Authentication Schemes
   Under Shared Components, click on Authentication Schemes found in the Security section.

3. Create a New Custom Authentication Scheme

   • Click Create and select Custom as the scheme type.

   • Enter a meaningful name for the scheme (e.g., My_Custom_Auth).

4. Write the Authentication Function

   • Provide a PL/SQL function that accepts user credentials and returns TRUE if authentication succeeds, or FALSE otherwise.

   • For example:

   DECLARE
     l_valid NUMBER;
   BEGIN
     SELECT COUNT(*) INTO l_valid
     FROM users_table
     WHERE user_name = :USERNAME
       AND user_password = :PASSWORD; -- Use secure hashing here
     RETURN l_valid = 1;
   END;
   

   • Make sure to replace users_table with your actual user table and implement secure password handling.

5. Configure Login and Logout Pages

   • Optionally set custom login and logout pages or URLs for better control over the user experience.

6. Set the Custom Scheme as Current
   Save the scheme and activate it by selecting Make Current.

7. Test Your Authentication Scheme
   Run your application and verify the login process functions as expected with your custom logic.

Learn how to configure a custom authentication scheme in Oracle APEX.

Setting Up Custom Authentication

Learn how to configure a Custom Authentication Scheme in Oracle APEX.

Steps to Create a Custom Authentication Scheme:

Navigate to the Authentication Schemes Page

• On the Workspace home page, click App Builder.

• Select your application.

• On the Application home page, click Shared Components.

• The Shared Components page appears.

Create a New Authentication Scheme

• Under Security, click Authentication Schemes.

• On the Authentication Schemes page, click Create.

Select the Authentication Type

• Choose "Based on a pre-configured scheme from the gallery" and click Next.

Configure Authentication Details

• Name: Enter a descriptive name for the authentication scheme.

• Scheme Type: Select Custom.

Define Custom Authentication Logic

• Fill in the appropriate fields.

• For details about each field, refer to the field-level Help.

Save the Authentication Scheme

• Click Create Authentication Scheme to apply your changes.

Your custom authentication scheme is now set up and ready to be configured for login validation. 

Best Practices

• Never store passwords in plain text; always use hashing with salt.

• Sanitize input parameters to avoid SQL injection risks.

• Keep authentication logic simple and performant to avoid slowing down logins.

• Document your custom authentication code and configuration.

• Test thoroughly in a development environment before deploying to production.

Oracle APEX Documentation
For more information on custom authentication, visit:
https://docs.oracle.com/en/database/oracle/apex/23.2/aeapp/custom-authentication-schemes.html

Conclusion
Setting up custom authentication in Oracle APEX empowers you to tailor user login processes to your unique requirements. By carefully designing and testing your authentication logic, you can create secure, reliable, and user-friendly access controls that integrate seamlessly with your application’s infrastructure.