3.4 Configuring Security
Instance administrators can configure instance security, including service-level security, configuring support for Real Application Security, configuring session time out, preventing browser attacks by isolating workspaces, excluding domains from regions and Web services, configuring authentication controls, creating strong password policies, and managing authorized URLs.
Note:
To ensure the security and performance of your development environment, some administration functionality is not available in Oracle APEX instances running in Oracle Cloud.- Configuring Service-level Security Settings
Instance administrators can configure service-level security in Manage Instance, Security, Security Settings, Security. - Configuring HTTP Protocol Attributes
Determine HTTPS requirements for an Oracle APEX instance and all related applications. - Enabling Real Application Security
Enable Oracle Real Application Security. - Configuring Session Timeout for an Instance
Use the Session Timeout attributes for an instance to reduce exposure at the application-level for abandoned computers with an open web browser. - Isolating All Workspaces in an Instance
Instance administrators can configure limits to isolate all workspaces and prevent browser attacks. Workspace administrators can override these default values at the workspace-level. - Defining Excluded Domains for Regions and Web Services
Define a list of restricted domains for regions of type URL and Web services. If a Web service or region of type URL contains an excluded domain, an error displays informing the user that it is restricted. - Configuring Authentication Controls for an Instance
Administrators can configure authentication controls for an entire instance or for each individual workspace. - Creating Strong Password Policies
Instance administrators can create strong password policies for an Oracle APEX instance. - Managing Authorized URLs
Create and manage a list of authorized URLs.
Parent topic: Oracle APEX Administration Services