Understanding Preconfigured Authentication Schemes

When creating an authentication scheme from the gallery, you can choose from a set of preconfigured options that follow standard authentication and session management practices. To link an authentication scheme to your application, start by selecting the application and then creating a new authentication scheme. Note that a newly created scheme is not automatically activated. To enable it, simply edit the scheme and click Make Current Scheme to set it as the active authentication method for your application.
This section describes all preconfigured authentication schemes that ship with Oracle APEX.
Oracle APEX Accounts
Oracle APEX Accounts are user accounts that are created within and managed in the APEX user repository. When you use this method, your application is authenticated against these accounts.
Oracle APEX Accounts authentication requires that a database user (schema) exists in the local database. When using this method, the user name and password of the database account are used to authenticate the user.
Oracle APEX Accounts is a good solution when:
You want control of the user account repository.
A user name and password-based approach to security is sufficient.
You do not need to integrate into a single sign-on framework.
Oracle APEX Accounts is an especially good approach when you must get a group of users up and running on a new application quickly.
Custom Authentication
Create a Custom Authentication scheme from scratch to have complete control over your authentication interface.
Custom authentication is the best approach for applications when any of the following is true:
Database authentication or other methods are not adequate.
You want to develop your own login form and associated methods.
You want to control security aspects of session management.
You want to record or audit activity at the user or session level.
You want to enforce session activity or expiry limits.
You want to program conditional one-way redirection logic before Oracle APEX page processing.
You want to integrate your application with non-APEX applications using a common session management framework.
Your application consists of multiple applications that operate seamlessly (for example, more than one application ID).
You want your users to be able to register their own accounts.
For a detailed understanding, refer to the Custom Auth article by Bharat.
Database Accounts
Database Account Credentials authentication utilizes database schema accounts to authenticate users.
HTTP Header Variable
Authenticate users externally by storing the username in an HTTP header variable set by the web server.
HTTP Header Variable supports the use of header variables to identify a user and to create an Oracle APEX user session. Use the HTTP Header Variable authentication scheme if your company employs a centralized web authentication solution like Oracle Access Manager, which provides single sign-on across applications and technologies. These systems perform user credential verification and pass the user's name to APEX using an HTTP header variable such as "REMOTE_USER".
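The trust boundary this scheme relies on, as an added example that is not from the original article or from Oracle: the application accepts whatever arrives in the header, so the gateway in front of it has to discard any client-supplied copy and set the value itself. The function names and sample requests are constructed, and folding `-` and `_` together is a conservative assumption based on how CGI-style variable mapping treats header names.

```python
# Added example: header hygiene at the trusted gateway in front of the application.
# IDENTITY_HEADER matches the "REMOTE_USER" example above; all other names and
# the sample requests are constructed for illustration.
IDENTITY_HEADER = "REMOTE_USER"


def canonical(name):
    """Fold case and treat '-' and '_' alike, as CGI-style variable mapping does."""
    return name.strip().upper().replace("-", "_")


def sanitize_inbound(headers, verified_user):
    """Return the header list to forward to the application.

    headers: list of (name, value) pairs exactly as received from the client.
    verified_user: user name established by the SSO layer, or None.
    """
    target = canonical(IDENTITY_HEADER)
    # Drop every client-supplied spelling of the identity header.
    forwarded = [(n, v) for n, v in headers if canonical(n) != target]
    if verified_user is not None:
        # Refuse empty values and characters that could split the header.
        if not verified_user or any(c in verified_user for c in "\r\n\0"):
            raise ValueError("invalid user name from SSO layer")
        forwarded.append((IDENTITY_HEADER, verified_user))
    return forwarded


def identity_seen_by_app(headers):
    """What a header-trusting application would read; None means no session."""
    target = canonical(IDENTITY_HEADER)
    values = [v for n, v in headers if canonical(n) == target]
    if len(values) > 1:
        raise ValueError("ambiguous identity header")
    return values[0] if values else None


if __name__ == "__main__":
    # Constructed request carrying client-sent copies in three spellings.
    client = [("Host", "apps.example.com"), ("remote-user", "SOMEONE_ELSE"),
              ("Remote_User", "SOMEONE_ELSE"), ("REMOTE_USER", "SOMEONE_ELSE")]
    print(identity_seen_by_app(sanitize_inbound(client, "JSMITH")))  # JSMITH
    print(identity_seen_by_app(sanitize_inbound(client, None)))      # None
```

The same rule applies to network paths: if the application can be reached without passing through the gateway, nothing guarantees the header was set by it.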
Open Door Credentials
Enable anyone to access your application using a built-in login page that captures a user name.
No Authentication (using DAD)
Adopts the current database user. This approach can be used in combination with a mod_plsql Database Access Descriptor (DAD) configuration that uses basic authentication to set the database session user.
LDAP Directory
Authenticate a user and password with an authentication request to an LDAP server.
Oracle Application Server Single Sign-On Server
Delegates authentication to the Oracle AS Single Sign-On (SSO) Server. To use this authentication scheme, your site must have been registered as a partner application with the SSO server.
SAML Sign-In
Delegates authentication to the Security Assertion Markup Language (SAML) Sign In authentication scheme.
Social Sign-In
Social Sign-In supports authentication with Google, Facebook, and other social networks and enterprise identity providers that support OpenID Connect or OAuth2 standards.
Written by

Bharat Bhatia