1. API Reference
  2. APEX_AUTHENTICATION
  3. CALLBACK Procedure

10.2 CALLBACK Procedure

This procedure is the landing resource for external login pages. Call this procedure directly from the browser.

Tip:

The parameters which are marked with "OAuth2" should not be used for custom callback URLs. They are only used if this procedure is used for Social Sign-In. These parameters are defined by the OAuth2 spec.

Syntax

APEX_AUTHENTICATION.CALLBACK (
    --
    -- Custom callback parameters
    --
    p_session_id        IN NUMBER   DEFAULT NULL,
    p_app_id            IN NUMBER   DEFAULT NULL,
    p_ajax_identifier   IN VARCHAR2 DEFAULT NULL,
    p_page_id           IN NUMBER   DEFAULT NULL,
    p_x01               IN VARCHAR2 DEFAULT NULL,
    p_x02               IN VARCHAR2 DEFAULT NULL,
    p_x03               IN VARCHAR2 DEFAULT NULL,
    p_x04               IN VARCHAR2 DEFAULT NULL,
    p_x05               IN VARCHAR2 DEFAULT NULL,
    p_x06               IN VARCHAR2 DEFAULT NULL,
    p_x07               IN VARCHAR2 DEFAULT NULL,
    p_x08               IN VARCHAR2 DEFAULT NULL,
    p_x09               IN VARCHAR2 DEFAULT NULL,
    p_x10               IN VARCHAR2 DEFAULT NULL,
    --
    -- OAuth2-related parameters
    --
    state               IN VARCHAR2 DEFAULT NULL,
    code                IN VARCHAR2 DEFAULT NULL,
    error               IN VARCHAR2 DEFAULT NULL,
    error_description   IN VARCHAR2 DEFAULT NULL,
    error_uri           IN VARCHAR2 DEFAULT NULL,
    error_reason        IN VARCHAR2 DEFAULT NULL,
    error_code          IN VARCHAR2 DEFAULT NULL,
    error_message       IN VARCHAR2 DEFAULT NULL,
    authuser            IN VARCHAR2 DEFAULT NULL,
    session_state       IN VARCHAR2 DEFAULT NULL,
    prompt              IN VARCHAR2 DEFAULT NULL,
    hd                  IN VARCHAR2 DEFAULT NULL,
    scope               IN VARCHAR2 DEFAULT NULL,
    realmID             IN VARCHAR2 DEFAULT NULL )

Parameters

Parameters Description
p_session_id The Oracle APEX session identifier.
p_app_id The database application identifier.
p_page_id Optional page identifier.
p_ajax_identifier The system generated Ajax identifier. See GET_AJAX_IDENTIFIER Function.
p_x01 through p_x10 Optional parameters that the external login passes to the authentication plugin.
state OAuth2.
code OAuth2.
error OAuth2.
error_description OAuth2.
error_uri OAuth2.
error_reason OAuth2.
error_code OAuth2.
error_message OAuth2.
authuser OAuth2.
session_state OAuth2.
prompt OAuth2.
hd OAuth2.
scope OAuth2.
realmID OAuth2.

Example 1

In this example, a redirect is performed to an external login page and the callback is passed into APEX, which the external login redirects to after successful authentication. 

DECLARE 
    l_callback varchar2(4000) := apex_application.get_callback_url; 
BEGIN 
    sys.owa_util.redirect_url( 
        'https://single-signon.example.com/my_custom_sso.login?p_on_success='|| 
        sys.utl_url.escape ( 
            url => l_callback, 
            escape_reserved_chars => true ); 
    apex_application.stop_apex_engine; 
END;

Example 2

In this example, an external login page saves user data in a shared table and performs a call back with a handle to the data. In APEX, the callback activates the authentication plugin's ajax code. It can take the value of x01 and fetch the actual user data from the shared table. 

---- create or replace package body my_custom_sso as 
PROCEDURE LOGIN ( 
    p_on_success in varchar2 ) 
    IS 
    l_login_id varchar2(32); 
BEGIN
    l_login_id := rawtohex(sys.dbms_crypto.random(32)); 
    insert into login_data(id, username) values (l_login_id, 'JOE USER'); 
    sys.owa_util.redirect_url ( 
    p_on_success||'&p_x01='||l_login_id ); 
END; 
---- end my_custom_sso;

See Also:

Parent topic: APEX_AUTHENTICATION