Skip to Main Content
  • Questions

  • Authorization with External User Access in Application Express

Breadcrumb

Question and Answer

Connor McDonald

Thanks for the question, Joao.

Asked: November 05, 2018 - 2:43 pm UTC

Last updated: November 07, 2018 - 12:57 am UTC

Version: 18.2

Viewed 1000+ times

You Asked


I need to be able to have external (business) users to be able to access only a few features of the site, for example, accounting can only see pages A and B while executives can see A, B and C.

I need to be able to have multiple groups of people with varying degrees of access.

I need the site administrator user to have the ability to do this through the site and not through the developer mode. Is that possible in Apex 18.2?

and Connor said...

Yes that it is possible and is common.

Check out "Authorization Schemes" in your shared components section.

Once you've defined schemes, you can attach them to entire pages, or just regions within pages, etc etc. It can be as broad or as granular as you like.

AskTOM is a simple example of this. I'm answering this question via one of our "Administrative" pages - pages that *you* do not see because you are not an AskTOM administrators.

Plenty of good information here

https://docs.oracle.com/html/E39147_04/sec_authorization.htm


Rating

  (2 ratings)

Is this answer out of date? If it is, please let us know via a Comment

Comments

Multiple system, multiple users

Joao Bocozzi, November 06, 2018 - 12:21 pm UTC

Thanks for your reply Connor, Based on the document you sent me would it be correct I work as follows?
I developed an application that will be used by several clients, each client with its users and access levels, accessing their data, should I create a workspace for each client along with their schemas?
Connor McDonald
November 07, 2018 - 12:57 am UTC

Depends on what you mean by "clients" and the data.

eg

If I had a payroll application that was going to be used 3 customers, then I'd probably have 3 workspaces, each underpinned by a different schema, so that the data is totally separated, because each customer should *never* see any other customers data.

Conversely, within each of those workspace, if a single customer had different types of users (eg payroll admin can do anything, finance user can see *most* screens, general user can only do enquiries on a limited set of screens), then I would implement that with authorization schemes at the application express level

Multiple system, multiple users

Joao Bocozzi, November 08, 2018 - 11:59 am UTC

In this case Clients means companies that have a business relationship.
more

Connor and Chris don't just spend all day on AskTOM. You can also catch regular content via Connor's blog and Chris's blog. Or if video is more your thing, check out Connor's latest video and Chris's latest video from their Youtube channels. And of course, keep up to date with AskTOM via the official twitter account.

More to Explore

APEX

Keep your APEX skills fresh by attending their regular Office Hours sessions.