APEXITTechnical

User Self-Registration in Oracle APEX: Using the Application Express Accounts Authentication Scheme

By September 24, 2019 No Comments

Self-Registration in Oracle APEX is not terribly common because most use cases involve users being managed by LDAP, database accounts, or single sign-on. When the above are not the case, usually something like a social sign-in, custom authentication, or no authentication will suffice. There are exceptions however, and every so often it makes sense to want to use APEX accounts for authentication.

 

The typical situation for this use case involves one or more of the following:

  • A smaller organization or limited number of users
  • Need for a more robust security than social sign-in
  • Not having the expertise or faith in setting up/managing custom authentication

 

Pros of APEX Self-Registration – APEX Authentication

  • Very secure if done correctly
  • Easy to manage
  • Intuitive

 

Cons of APEX Self-Registration – APEX Authentication

  • Potential security risk if users are not properly assigned as an end-user
  • Questions of scalability if the system needs to support many users

 

For this blog, I will walk you through the steps of creating your own self-registration process in APEX.  The purpose of this blog is to get you to understand what API calls are needed, how things work, and why they work that way.  Please do not follow the steps in the example and put that into production as is.  The instruction guide does not take you through the extra steps of setting up validation, session state protection, and adding extra layers of security with authentication/authorization.

 

Requirements

  • APEX 18.1 or higher
  • Oracle DB 12.2.0.1 or higher
  • Oracle DB access with sys or sysdba

 

Files Included

 

 

Disclaimer:

We do not take responsibility for any unintended or unwanted consequences in your instance of Oracle, Oracle APEX, or related products as a result of reading our blogs or following our guides.  Though the information is fully tested and generally safe to use, our lawyers really have a thing against admitting potential wrongdoing.  If it makes you feel any better, I occasionally turn the brightness down on their monitors to make them think it is broken.  When they order a new one, I take the old one, restore the brightness settings, and donate it to a school.

 

Written by Andrew Schultz, Oracle Developer & APEX Specialist | Traust Consulting

Leave a Reply