1. App Builder User's Guide
  2. Managing Application Data
  3. Managing Web Credentials
  4. Creating Web Credentials

17.6.2 Creating Web Credentials

Create Web credentials from either Workspace Utilities or Shared Components.

To create Web credentials:

  1. Navigate to the Web Credentials page:
    • From Workspace Utilities:

      1. On the Workspace home page, click App Builder.

      2. Click Workspace Utilities.

      3. Click Web Credentials.

    • From Shared Components:

      1. On the Workspace home page, click App Builder.

      2. Select an application.

      3. On the Application home page, click Shared Components in the center of the page.

      4. Under Workspace Objects, select Credentials.

  2. On the Web Credentials page, click Create.
  3. Configure the Attributes on the Web Credentials page.
    1. Name - Enter a descriptive name.Static ID
    2. Static ID - Use the static identifier to reference the credential in API calls.
    3. Authentication Type - Select one of the following:
      • Basic Authentication
      • OAuth2 Client Credentials
      • OCI Native Authentication
      • HTTP Header
      • URL Query String
      • Key Pair

      To learn more about available Authentication Types, see field level Help.

      Note:

      The the Authentication Type you select, determines what options that display next.
  4. Use Database Credential - This switch only displays if the Authentication Type is Basic Authentication or OAuth2 Client Credentials.

    If the Use Database Credential switch is enabled, a section to configure the name of a database credential appears. Since a database credential is managed by the database and not by APEX, the attributes for Client ID, Client Secret, and Valid For URLs disappear.

    To learn more about Use Database Credential, see field-level Help.

  5. If the Authentication Type, Basic Authentication:
    1. Client ID or Username - Enter the Username. APEX does not store this information encrypted.
    2. Client Secret or Password - Enter the password.
    3. Verify Client Secret or Password - Enter the password again to verify your input.
    4. Valid for URLs - APEX checks whether the URL a Web credentials uses matches the URLs in this attribute. When adding URLs to this attribute:

      • Place each URL on a new line.

      • The URL endpoint being used must start with one of the URLs provided here.

      See field-level Help for examples.

    5. Prompt On Install - Choose whether prompts for this credential display when the application is imported on another APEX instance.
    6. Comments - Enter any comments or notes here. These comments never display when running the application.
  6. For Authentication Type, OAuth2 Client Credentials:
    1. OAuth Scope - Permissions represented by the Access Token in OAuth 2.0 terms are known as scopes. The scope parameter allows the application to express the desired scope of the access request.

      If your authentication server requires a scope to be specified for the access token request, provide it here. The OAuth2 access token will then be requested with the following request body:

      grant_type=client_credentials&scope={scope}
    2. Client ID or Username - Enter the Client ID. APEX does not store this information encrypted.
    3. Client Secret or Password - Enter the password.
    4. Verify Client Secret or Password - Enter the password again to verify your input.
    5. Valid for URLs - APEX checks whether the URL a Web Credential uses matches the URLs in this attribute. When adding URLs to this attribute:

      • Place each URL on a new line.

      • The URL endpoint being used must start with one of the URLs provided here.

      See field-level Help for examples.

    6. Prompt On Install - Choose whether prompts for this credential display when the application is imported on another APEX instance.
    7. Comments - Enter any comments or notes here. These comments never display when running the application.
  7. For Authentication Type, OCI Native Authentication:
    1. OCI User ID - Enter the Oracle Cloud Infrastructure User OCID. APEX does not store this information encrypted.
    2. OCI Private Key - Enter the private key in PEM format for OCI authentication. APEX stores this information encrypted and secure, so it cannot be retrieved back in clear text.
    3. OCI Tenancy ID - Enter the Oracle Cloud Infrastructure Tenancy's OCID.
    4. OCI Public Key Fingerprint - Enter the public RSA key fingerprint for OCI authentication.
    5. Valid for URLs - APEX checks whether the URL a Web Credential uses matches the URLs in this attribute. When adding URLs to this attribute:

      • Place each URL on a new line.

      • The URL endpoint being used must start with one of the URLs provided here.

      See field-level Help for examples.

    6. Prompt On Install - Choose whether prompts for this credential display when the application is imported on another APEX instance.
    7. Comments - Enter any comments or notes here. These comments never display when running the application.
  8. For Authentication Type, HTTP Header:
    1. Credential Name - Provide the name of the HTTP Header or URL Query String parameter to use for this credential.
    2. Credential Secret - Enter the value (or secret) of the credential.
    3. Valid for URLs - APEX checks whether the URL a Web Credential uses matches the URLs in this attribute. When adding URLs to this attribute:

      • Place each URL on a new line.

      • The URL endpoint being used must start with one of the URLs provided here.

      See field-level Help for examples.

    4. Prompt On Install - Choose whether prompts for this credential display when the application is imported on another APEX instance.
    5. Comments - Enter any comments or notes here. These comments never display when running the application.
  9. For Authentication Type, URL Query String:
    1. Credential Name - Enter the name of the URL Query String parameter to use for this credential.
    2. Credential Secret - Enter the value (or secret) of the credential.
    3. Valid for URLs - APEX checks whether the URL a Web Credential uses matches the URLs in this attribute. When adding URLs to this attribute:

      • Place each URL on a new line.

      • The URL endpoint being used must start with one of the URLs provided here.

      See field-level Help for examples.

    4. Prompt On Install - Choose whether prompts for this credential display when the application is imported on another APEX instance.
    5. Comments - Enter any comments or notes here. These comments never display when running the application.
  10. For Authentication Type, Key Pair:
    1. Public Key - Enter the public key for for the key pair credentials. APEX does not store this information encrypted.
    2. Private Key - Enter the private key for the key pair credentials. APEX stores this information encrypted, so it cannot be retrieved back in clear text.
    3. Verify Private Key - Enter the private key again, to verify your input.
  11. Click Apply Changes.

Parent topic: Managing Web Credentials