Oracle APEX, a terrific low-code and rapid application development, ought to isolate developer credentials from application credentials. Running applications with developer-level credentials exposes low-code/no-code applications to risks. Please avoid these features. Read why now…
Oracle APEX includes user security features rooted firmly within Oracle. These features permit developers to list users, add users, assign user’s permissions/roles, and removing a user. When promoting a low-code and secure application, trusting then using Oracle’s security for user authentication and authorization will save time, effort, and costs. You gain the additional benefit of drawing on decades of Oracle’s experience in user security. I am presenting this article in two parts. Together, these articles examines the APEX_ACL and APEX_UTIL packages and several public views including APEX_APPL_ACL_USER, and APEX_WORKSPACE_USERS.
A key purpose of this blog entry is to communicate that we are publishing a template for PL/SQL-based API. It is located on my GITHub page (https://github.com/cmoore-sp/plsql-api.git) and communicates with a public website hosting public APIs.