SET_ALLOWED_URLS Procedure

This procedure sets a list of URLs that can be used for this credential.

A credential can be used for a HTTP request if its target URL matches one of the URLS in this list. Matching is done on a starts-with basis.

For instance, if "https://www.oracle.com" and "https://apex.oracle.com/ords/" are set as the allowed URLs, then the credential can be used for the following HTTP request examples:

https://www.oracle.com/
https://www.oracle.com/myrest/service
https://apex.oracle.com/ords/secret/workspace

The credential cannot be used for the following request examples:

https://web.oracle.com
https://apex.oracle.com/apex/workspace
http://www.oracle.com/

For security, the credential secret (Client Secret, Password, Private Key) must be passed in too. If not passed, or passed as NULL, the secret is cleared.

Syntax

PROCEDURE SET_ALLOWED_URLS (
    p_credential_static_id  IN VARCHAR2,
    p_allowed_urls          IN apex_t_varchar2,
    p_client_secret         IN VARCHAR2 );

Parameters

Parameter	Description
`p_credential_static_id`	The credential static ID.
`p_allowed_urls`	List of URLs (as `APEX_T_VARCHAR2`) that these credentials can access.
`p_client_secret`	Client Secret. If allowed URLs are changed, this must be provided again.

Examples

This example sets allowed URLs for the credential OAuth Login.

BEGIN
  apex_credential.set_allowed_urls (
    p_credential_static_id => 'OAuth Login',
    p_allowed_urls         => apex_t_varchar2( 
                              'https://tokenserver.example.com/oauth2/token',
                              'https://www.oracle.com' ),
    p_client_secret        => '1278672tjksaGSDA789312..' );
END;