17.6.2 Creating Web Credentials

Create Web credentials from either Workspace Utilities or Shared Components.

To create Web credentials:

1. Navigate to the Web Credentials page:
   • From Workspace Utilities:

     1. On the Workspace home page, click App Builder.

     2. Click Workspace Utilities.

     3. Click Web Credentials.

   • From Shared Components:

     1. On the Workspace home page, click App Builder.

     2. Select an application.

     3. On the Application home page, click Shared Components in the center of the page.

     4. Under Workspace Objects, select Credentials.

2. On the Web Credentials page, click Create.
3. Configure the Attributes on the Web Credentials page.
4. Name - Enter a descriptive name.
5. Static Identifier - Use the static identifier to reference the credential in API calls.
6. Authentication Type - Select one of the following:
   • Basic Authentication
   • OAuth2 Client Credentials Flow
   • Oracle Cloud Infrastructure (OCI)
   • HTTP Header
   • URL Query String

   To learn more about this attribute, see field level Help.

   The options that display next depend upon the Authentication Type you select.

7. For the Authentication Type Basic Authentication:
   1. Client ID or Username - Enter the Username. APEX does not store this information encrypted.
   2. Client Secret or Password - Enter the password.
   3. Verify Client Secret or Password - Enter the password again to verify your input.
   4. Valid for URLs - APEX checks whether the URL a Web credentials uses matches the URLs in this attribute. When adding URLs to this attribute:

      • Place each URL on a new line.

      • The URL endpoint being used must start with one of the URLs provided here.

      See field-level Help for examples.

   5. Prompt On Install - Choose whether prompts for this credential display when the application is imported on another APEX instance.
   6. Comments - Enter any comments or notes here. These comments never display when running the application.
8. For the Authentication Type OAuth2 Client Credentials Flow:
   1. OAuth Scope - Permissions represented by the Access Token in OAuth 2.0 terms are known as scopes. The scope parameter allows the application to express the desired scope of the access request.

      If your authentication server requires a scope to be specified for the access token request, provide it here. The OAuth2 access token will then be requested with the following request body:

      grant_type=client_credentials&scope={scope}

   2. Client ID or Username - Enter the Client ID. APEX does not store this information encrypted.
   3. Client Secret or Password - Enter the password.
   4. Client Secret or Password - Enter the password again to verify your input.
   5. Valid for URLs - APEX checks whether the URL a Web Credential uses matches the URLs in this attribute. When adding URLs to this attribute:

      • Place each URL on a new line.

      • The URL endpoint being used must start with one of the URLs provided here.

      See field-level Help for examples.

   6. Prompt On Install - Choose whether prompts for this credential display when the application is imported on another APEX instance.
   7. Comments - Enter any comments or notes here. These comments never display when running the application.
9. For the Authentication Type Oracle Cloud Infrastructure (OCI):
   1. OCI User ID - Enter the Oracle Cloud Infrastructure User OCID. APEX does not store this information encrypted.
   2. OCI Private Key - Enter the private key in PEM format for OCI authentication. APEX stores this information encrypted and secure, so it cannot be retrieved back in clear text.
   3. OCI Tenancy ID - Enter the Oracle Cloud Infrastructure Tenancy's OCID.
   4. OCI Public Key Fingerprint - Enter the public RSA key fingerprint for OCI authentication.
   5. Valid for URLs - APEX checks whether the URL a Web Credential uses matches the URLs in this attribute. When adding URLs to this attribute:

      • Place each URL on a new line.

      • The URL endpoint being used must start with one of the URLs provided here.

      See field-level Help for examples.

   6. Prompt On Install - Choose whether prompts for this credential display when the application is imported on another APEX instance.
   7. Comments - Enter any comments or notes here. These comments never display when running the application.
10. For the Authentication Type HTTP Header:
    1. Credential Name - Enter the name of the HTTP Header to use for this credential.
    2. Credential Secret - Enter the value (or secret) of the credential.
    3. Valid for URLs - APEX checks whether the URL a Web Credential uses matches the URLs in this attribute. When adding URLs to this attribute:

       • Place each URL on a new line.

       • The URL endpoint being used must start with one of the URLs provided here.

       See field-level Help for examples.

    4. Prompt On Install - Choose whether prompts for this credential display when the application is imported on another APEX instance.
    5. Comments - Enter any comments or notes here. These comments never display when running the application.
11. For the Authentication Type URL Query String:
    1. Credential Name - Enter the name of the URL Query String parameter to use for this credential.
    2. Credential Secret - Enter the value (or secret) of the credential.
    3. Valid for URLs - APEX checks whether the URL a Web Credential uses matches the URLs in this attribute. When adding URLs to this attribute:

       • Place each URL on a new line.

       • The URL endpoint being used must start with one of the URLs provided here.

       See field-level Help for examples.

    4. Prompt On Install - Choose whether prompts for this credential display when the application is imported on another APEX instance.
    5. Comments - Enter any comments or notes here. These comments never display when running the application.
12. Click Apply Changes.