Skip to main content

How to create Custom Authentication in Oracle APEX

Authentication is the first line of defense in any application, and in Oracle APEX , it plays a vital role in controlling how users access your system. While APEX provides several built-in authentication schemes, there are scenarios where the default options may not fully align with your business requirements. That’s when Custom Authentication becomes essential. In this blogpost, I’ll walk you through the step-by-step process of creating a Custom Authentication scheme in Oracle APEX —so you can design a secure, flexible, and application-specific login mechanism tailored exactly to your needs. If you need any visual assistance then you can follow  this tutorial . STEP- 1:  Create a database table (if not exist) to store application user information. In my case I use this table structure to store user information. You may add/drop column as per your requirements.      CREATE TABLE APP_USER           (      USER_SL N...
Post a Comment

How to create Custom Authentication in Oracle APEX

Authentication is the first line of defense in any application, and in Oracle APEX, it plays a vital role in controlling how users access your system. While APEX provides several built-in authentication schemes, there are scenarios where the default options may not fully align with your business requirements. That’s when Custom Authentication becomes essential.

In this blogpost, I’ll walk you through the step-by-step process of creating a Custom Authentication scheme in Oracle APEX—so you can design a secure, flexible, and application-specific login mechanism tailored exactly to your needs. If you need any visual assistance then you can follow this tutorial.

STEP- 1: 

Create a database table (if not exist) to store application user information. In my case I use this table structure to store user information. You may add/drop column as per your requirements.


    CREATE TABLE APP_USER 

       (    USER_SL NUMBER, 

    USER_NAME VARCHAR2(20), 

    PASS_WORD VARCHAR2(3000), 

    REF_ID NUMBER, 

    USER_TYPE VARCHAR2(10), 

    CREATED_BY NUMBER, 

    CREATION_DATE DATE DEFAULT sysdate, 

    LAST_UPDATE_BY NUMBER, 

    LAST_UPDATED_DATE DATE, 

    USER_ID NUMBER

       ) ;

STEP- 2:

Login you application as developer mode. Open application builder home page and click on the "Shared Components" large button. It will redirct to shared component page. Click on the "Authentication Schemes" link under the "security" section. You will redirect to authentication schemes report page. Click on the "Create" button. Authentication create page will be open. Choose the "Based on a pre-configured scheme from the galary" option from "Create Scheme" type.

Click "Next" button. It will redirect to another page. Set some required properties as shown below-

    Name:                CUSTOM_LOGIN

    Scheme Type:    Custom (Select from drop down list)

    Authentication Function Name: custom_login

    PL/SQL Code:

                            FUNCTION login(

                                p_username      IN  VARCHAR2

                                , p_password    IN  VARCHAR2

                            ) RETURN BOOLEAN

                            IS

                                l_count     NUMBER;

                            BEGIN

                                SELECT COUNT(*)

                                INTO l_count

                                FROM app_user

                                WHERE UPPER(user_name) = UPPER(p_username)

                                AND pass_word        = p_password;

    

                                IF l_count > 0 THEN

                                    RETURN TRUE;

                                ELSE

                                    RETURN FALSE;

                                END IF;

                            END;

                            /


Validate the code and click on the "Create Authentication Scheme" button. You will redirect to the "Authentication Schemes" report page. Here you will see your newly created custom authentication.

STEP- 3:

Click on your custom authentication. You will redirect to authentication scheme edit page. Click on the "Make Current Scheme" button. A popup alert showing you a confirmation message. Click "OK". 


STEP- 4:

Open page no. 9999 (Login Page). Navigate to process tab and select "Login" process.


Change it's properties as like below-

Type:     Execute Code

Location:    Local Database 

Language: PL/SQL

PL/SQL Code: 

                        apex_authentication.login(

                            p_username      => :P9999_USERNAME

        , p_password    => apex_util.get_hash(apex_t_varchar2(:P9999_USERNAME, :P9999_PASSWORD), NULL)

                        );


Validate the code and click "OK".  Save the page and run it. Login with your custom user and enjoy the custom authentication process. 

STEP- 5 (Optional):

This step is not mandatory but it's have a great impact if you implement it. Remove the PL/SQL code from step 2 and create the function in database level. The benefit is to create in database level is- you can call it from many application as per your need. Just open the SQL Editor and paste the below code-


                            CREATE OR REPLACE FUNCTION login(

                                p_username      IN  VARCHAR2

                                , p_password    IN  VARCHAR2

                            ) RETURN BOOLEAN

                            IS

                                l_count     NUMBER;

                            BEGIN

                                SELECT COUNT(*)

                                INTO l_count

                                FROM app_user

                                WHERE UPPER(user_name) = UPPER(p_username)

                                AND pass_word        = p_password;

    

                                IF l_count > 0 THEN

                                    RETURN TRUE;

                                ELSE

                                    RETURN FALSE;

                                END IF;

                            END;

                            /

Compile the code. That's it. Implementing Custom Authentication in Oracle APEX gives you the flexibility to design a login process that goes beyond the built-in options. By tailoring authentication to your specific business rules, you can ensure both security and user convenience.

With the steps outlined in this guide, you now have a clear path to build and manage your authentication logic whether it’s integrating with existing systems, validating against custom tables, or enforcing unique business rules. APEX empowers you to take full control of the authentication process, resulting in applications that are not only secure but also perfectly aligned with organizational needs.




Comments

Post a Comment

Popular posts from this blog

How to preview & download files from database or local directory in Oracle APEX

 It is common for Oracle APEX developers to need to handle files. This blog post will show you how to preview and download files stored in a database or a local directory. The most common approach in Oracle APEX is to store files directly in the database, typically within a BLOB (Binary Large Object) column. The primary reason is that this method simplifies data management and backup. Sometimes, you may need to handle files stored directly on the server's file system rather than in the database. This is common for large files or when files are managed by other systems. We will cover the basic steps and code snippets required for each method. Before approaching this tutorial, you must need to cover ( preview image in large scale  and  save file into database/local directory ) these two tutorial. Step 1: Create a blank page and then create 3 regions. Set these three regions properties as like below- Region-1:     Name:           ...
1 comment
Read more

How to integrate gmail and send email from Oracle APEX

Manually managing communications with vendors and customers in today's enterprise environment is a time-consuming and often inefficient process. Juggling emails, follow-ups, and notifications can quickly become overwhelming, leading to missed opportunities and delays. To streamline this critical aspect of business, it's essential to modernize your communication system. By integrating email directly into your business software, you can automate these interactions, ensuring timely and consistent communication without the manual effort. I have try to demonstrate step by step how to integrate gamil account with application in Oracle APEX. For better understanding, you can follow the email configuration system. Step 1: Create Access Control List (ACL). Connect your sys user and execute the below command- DECLARE     l_acl_path     VARCHAR2(3000); BEGIN     SELECT acl     INTO l_acl_path     FROM dba_network_acls     WHERE host = '*'...
1 comment
Read more

How to send SMS from Oracle APEX

 In today’s digitalized business solution world, SMS notifications are one of the fastest ways to reach users. Whether it’s for OTP (One-Time Password), reminders, or alerts, integrating SMS with your Oracle APEX application can add huge value. In this guide, we’ll walk through different ways to send SMS from Oracle APEX . For better understand follow this  Tutorial in Youtube. Why Send SMS from Oracle APEX? Oracle APEX already provides built-in features for sending emails, but sometimes email isn’t enough. SMS can be useful for: OTP & Two-factor Authentication Order Confirmations Text Notifications Promotional Messages Process to Send SMS in Oracle APEX 1. Register with Third Party SMS Gateway Most SMS providers (like Twilio, Nexmo, or local telecom gateways) expose a REST API to send SMS. Oracle APEX supports REST integrations, so you can call these APIs directly. Steps: Choose an SMS provider (e.g., Twilio, Nexmo, Clickatell, or your local...
1 comment
Read more