20.1 Available Parameter Values

Table 20-1 lists all the available parameter values you can set within the APEX_INSTANCE_ADMIN package, including parameters for email, wallet, and reporting printing. You can query APEX_INSTANCE_PARAMETERS dictionary view to determine the current values of these parameters, unless the parameter contains a password.

Table 20-1 Available Parameters

Parameter Name Description

ACCOUNT_LIFETIME_DAYS

The maximum number of days an end-user account password may be used before the account is expired.

ALLOW_DB_MONITOR

If set to Y, the default, database monitoring is enabled. If set to N, it is disabled.

ALLOW_HASH_FUNCTIONS

Comma-separated list of supported hash algorithms (default is SH256,SH384,SH512). SH1 is also supported by default in Oracle Database 11g.

ALLOW_HOSTNAMES

If set, users can only navigate to an application if the URL's hostname part contains this value. Instance administrators can configure more specific values at workspace level.

ALLOW_PUBLIC_FILE_UPLOAD

If set to Y, file uploads are allowed without user authentication. If set to N, the default, they are not allowed.

ALLOW_RAS

This parameter is only supported if running Oracle Database 12c.

If set to Y, enable Real Application Security support for applications. If set to N (the default), Real Application Security cannot be used.

ALLOW_REST

If set to Y, the default, developers are allowed to expose report regions as RESTful services. If set to N, the are not allowed.

APEX_BUILDER_AUTHENTICATION

Controls the authentication scheme for the internal builder applications. Valid parameter values include:

  • APEX - Application Express workspace accounts authentication (default)

  • DB - Database accounts authentication

  • HEADER - HTTP header variable based authentication

  • SSO - Oracle Single Sign-On authentication

  • LDAP - LDAP authentication

APEX_REST_PATH_PREFIX

Controls the URI path prefix used to access built-in RESTful Services exposed by Application Express. For example, built-in RESTful Service for referencing static application files using #APP_IMAGES# token. If the default prefix (r) conflicts with RESTful Services defined by users, adjust this preference to avoid the conflict.

APPLICATION_ACTIVITY_LOGGING

Controls instance wide setting of application activity log ([A]lways, [N]ever, [U]se application settings)

APPLICATION_ID_MAX

The largest possible ID for a websheet or database application.

APPLICATION_ID_MIN

The smallest possible ID for a websheet or database application.

AUTOEXTEND_TABLESPACES

If set to Y, the default, provisioned tablespaces is autoextended up to a maximum size. If set to N tablespaces are not autoextended.

BIGFILE_TABLESPACES_ENABLED

If set to Y, the tablespaces provisioned through Oracle Application Express are created as bigfile tablespaces. If set to N, the tablespaces are created as smallfile tablespaces.

CHECKSUM_HASH_FUNCTION

Defines the algorithm that is used to create one way hashes for URL checksums.Valid values are MD5 (deprecated), SH1 (SHA-1), SH256 (SHA-2, 256 bit), SH384 (SHA-2, 384 bit), SH512 (SHA-2, 512 bit) and n. The SHA-2 algorithms are only available on Oracle Database Release 12g and later. A null value evaluates to the most secure algorithm available and is the default.

CHECK_FOR_UPDATES

If set to N, the check for Oracle Application Express and Oracle REST Data Services product updates is disabled for the entire instance, regardless of preferences specified by individual developers. The default is Y.

CLONE_SESSION_ENABLED

If set to Y, the default, users can create multiple sessions in the browser.

CONTENT_CACHE_MAX_FILE_SIZE

The individual file entry size limit for the content cache, per workspace.

CONTENT_CACHE_SIZE_TARGET

The target size for the content cache, per workspace.

DB_SIGNATURE

Set to the database host/service name on install. If it differs, for example, on cloned databases, sending emails will fail. A value of null (the default) disables any checks.

DEBUG_MESSAGE_PAGE_VIEW_LIMIT

Maximum number of debug messages for a single page view. Default is 50000.

DELETE_UPLOADED_FILES_AFTER_DAYS

Uploaded files like application export files, websheet export files, spreadsheet data load files are automatically deleted after this number of days. Default is 14.

DISABLE_ADMIN_LOGIN

If set to Y, administration services are disabled. If set to N, the default, they are not disabled.

DISABLE_WORKSPACE_LOGIN

If set to Y, the workspace login is disabled. If set to N, the default, the login is not disabled.

DISABLE_WS_PROV

If set to Y, the workspace creation is disabled for requests sent out by using e-mail notification. If set to N, the default, they are not disabled.

EMAIL_IMAGES_URL

Specifies the full URL to the images directory of Application Express instance, including the trailing slash after the images directory. For example: http://your_server/i/

This setting is used for Oracle Application Express system-generated emails.

EMAIL_INSTANCE_URL

Specifies the URL to Oracle Application Express instance, including the trailing slash after the Database Access Descriptor. For example: http://your_server/pls/apex/

This setting used for Oracle Application Express system-generated emails.

ENABLE_LEGACY_WEB_ENTRY_POINTS

If set to Y (default is N), procedures used in older Application Express versions can be called in the URL (such as HTMLDB_UTIL.%).

ENABLE_TRANSACTIONAL_SQL

If set to Y, transactional SQL commands are enabled on this instance. If set to N, the default, they are not enabled.

ENCRYPTED_TABLESPACES_ENABLED

If set to Y, the tablespaces provisioned through Oracle Application Express are created as encrypted tablespaces. If set to N, the tablespaces are not encyrpted.

EXPIRE_FND_USER_ACCOUNTS

If set to Y, expiration of Application Express accounts is enabled. If set to N, they are not enabled.

HEADER_AUTH_CALLBACK

Callback procedure name for HTTP header based authentication, defaults to apex_authentication.callback.

HTTP_ERROR_STATUS_ON_ERROR_PAGE_ENABLED

Used in conjunction with the APEX_INSTANCE_ADMIN.SET_PARAMETER procedure.

If set to N, the default, Oracle Application Express presents an error page to the end user for all unhanded errors. If set to Y, returns an HTTP 400 status to the end user's client browser when the Application Express engine encounters an unhandled error.

HTTP_RESPONSE_HEADERS

List of http response headers, separated by newline (chr(10)). Application Express writes these headers on each request, before rendering the page. The substitution string #CDN# within the headers is replaced with the content delivery networks that are known to Application Express.

HTTP_STS_MAX_AGE

REQUIRE_HTTPS must be set to A for this parameter to be relevant. Application Express emits a Strict-Transport-Security header, with max-age=<value>, on HTTPS requests if HTTP_STS_MAX_AGE has a value greater than 0. If the request protocol is HTTP, instead of processing the request, Application Express redirects to a HTTPS URL.

IGNORED_FRIENDLY_URL_PARAMETERS

Comma-separated list of parameter names which are ignored when parsing friendly URLs. Default:

utm_campaign,utm_source,utm_medium,utm_term,utm_content

INBOUND_PROXIES

Comma-separated list of IP addresses for proxy servers through which requests come in.

INSTANCE_PROXY

The proxy server for all outbound HTTP(s) traffic. If INSTANCE_PROXY is set, it overrides any application specific proxy server definition.

INSTANCE_NO_PROXY_DOMAINS

Comma-separated list of domain names for which the instance proxy is not to be used.

INSTANCE_TABLESPACE

If specified, the tablespace to use for the database user for all new workspaces.

KEEP_SESSIONS_ON_UPGRADE

This flag affects application upgrades. If set to N, the default, delete sessions associated with the application. If set to Y, leave sessions unaffected.

LOGIN_THROTTLE_DELAY

The flag which determines the time increase in seconds after failed logins.

LOGIN_THROTTLE_METHODS

The methods to count failed logins. Colon-separated list of USERNAME_IP, USERNAME, IP.

LOGIN_MESSAGE

The text to be displayed on the login page. This text can include HTML.

MAX_APPLICATION_BACKUPS

The maximum number of backups kept for each application. Default is 25. Maxium is 30. Zero (0) disables automated backups.

MAX_LOGIN_FAILURES

Maximum login failures allowed.

MAX_SESSION_IDLE_SEC

The number of seconds an internal application may be idle.

MAX_SESSION_IDLE_SEC

The number of seconds an internal application may be idle.

MAX_SESSION_LENGTH_SEC

The number of seconds an internal application session may exist.

MAX_WEBSERVICE_REQUESTS

The maximum number of outbound web service requests allowed for each workspace in a rolling 24-hour period. Default is 1000.

PASSWORD_ALPHA_CHARACTERS

The alphabetic characters used for password complexity rules. Default list of alphabetic characters include the following:

abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ

PASSWORD_HASH_FUNCTION

Defines the algorithm that is used to create one way hashes for workspace user passwords. Valid values are MD5 (deprecated), SH1 (SHA-1), SH256 (SHA-2, 256 bit), SH384 (SHA-2, 384 bit), SH512 (SHA-2, 512 bit) and null. The SHA-2 algorithms are only available on Oracle Database Release 12g and later. A null value evaluates to the most secure algorithm available and is the default.

PASSWORD_HASH_ITERATIONS

Defines the number of iterations for the PASSWORD_HASH_FUNCTION (default 10000).

PASSWORD_HISTORY_DAYS

Defines the number of days a previously used password cannot be used again as a new password by the same user.

PASSWORD_PUNCTUATION_CHARACTERS

The punctuation characters used for password complexity rules. Default list of punctuation characters include the following: !"#$%&()``*+,-/:;<=>?_

PASSWORD_NOT_LIKE_USERNAME

If Y (the default is N), prevent workspace administrator, developer, and end user account passwords from containing the username.

PASSWORD_NOT_LIKE_WORDS

Enter words, separated by colons, that workspace administrator, developer, and end user account passwords must not contain. These words may not appear in the password in any combination of upper- or lowercase.

PASSWORD_NOT_LIKE_WS_NAME

Set to Y to prevent workspace administrator, developer, and end user account passwords from ontaining the workspace name.

PASSWORD_ONE_ALPHA

Set to Y to require that workspace administrator, developer, and end user account passwords contain at least one alphabetic character as specified in PASSWORD_ALPHA_CHARACTERS.

PASSWORD_ONE_LOWER_CASE

Set to Y to require that workspace administrator, developer, and end user account passwords contain at least one lowercase alphabetic character.

PASSWORD_ONE_NUMERIC

Set to Y to require that workspace administrator, developer, and end user account passwords contain at least one Arabic numeric character (0-9).

PASSWORD_ONE_PUNCTUATION

Set to Y to require that workspace administrator, developer, and end user account passwords contain at least one punctuation character as specified in PASSWORD_PUNCTUATION_CHARACTERS.

PASSWORD_ONE_UPPER_CASE

Set to Y to require that workspace administrator, developer, and end user account passwords contain at least one uppercase alphabetic character.

PATH_PREFIX

The unique URI path prefix used to access RESTful Services in a workspace. The default path prefix value is the name of the workspace.

PLSQL_EDITING

If set to Y, the default, the SQL Workshop Object Browser is enabled to allow users to edit and compile PL/SQL. If set to N, users are not allowed.

PRINT_BIB_LICENSED

Specify either standard support or advanced support. Advanced support requires an Oracle BI Publisher license. Valid values include:

  • STANDARD - requires Apache FOP.

  • ADVANCED - requires Oracle BI Publisher.

  • APEX_LISTENER - requires Oracle Rest Data Services (ORDS, formerly APEX Listener).

  • AOP - requires APEX Office Print.

  • NONE - native APEX printing.

PRINT_SVR_HOST

Specifies the host address of the print server converting engine, for example, localhost. Enter the appropriate host address if the print server is installed at another location.

PRINT_SVR_PORT

Defines the port of the print server engine, for example 8888. Value must be a positive integer.

PRINT_SVR_PROTOCOL

Valid values include:

  • http

  • https

PRINT_SVR_SCRIPT

Defines the script that is the print server engine, for example:

/xmlpserver/convert

QOS_MAX_SESSION_KILL_TIMEOUT

Number of seconds that an active old session can live, when QOS_MAX_SESSION_REQUESTS has been reached. The oldest database session with LAST_CALL_ET greater than QOS_MAX_SESSION_KILL_TIMEOUT is killed.

QOS_MAX_SESSION_REQUESTS

Number of allowed concurrent requests to one session associated with this workspace.

QOS_MAX_WORKSPACE_REQUESTS

Number of allowed concurrent requests to sessions in this workspace.

REQ_NEW_SCHEMA

If set to Y, the option for new schema for new workspace requests is enabled. If set to N, the default, the option is disabled.

REQUIRE_HTTPS

Set to A, to enforce HTTPS for the entire Application Express instance. Set to I, to enforce HTTPS within the Application Express development and administration applications. Set to N, to allow all applications to be used when the protocol is either HTTP or HTTPS. Please note developers can also enforce HTTPS at the application level, by setting the Secure attribute of an application scheme's cookie.

REQUIRE_VERIFICATION_CODE

If set to Y, the Verification Code is displayed and is required for someone to request a new workspace. If set to N, the default, the Verification Code is not required.

RESTRICT_RESPONSE_HEADERS

If Y or null (default), show HTTP 500 when a page contains unsupported HTTP response headers. These include status codes 301, 308 and 410, and cache headers for POST requests.

RESTFUL_SERVICES_ENABLED

If set to Y, the default, RESTful services development is enabled. If set to N, RESTful services are not enabled.

RESTRICT_IP_RANGE

To restrict access to the Application Express development environment to a specific range of IP addresses, enter a comma-delimited list of IP addresses. If necessary, you can use an asterisk (*) as a wildcard, but do not include additional numeric values after wildcard characters. For example, 138.*.41.2 is not a valid value.

RM_CONSUMER_GROUP

If set, this is the resource manager consumer group to be used for all page events. A more specific group can be configured at workspace level.

SERVICE_ADMIN_PASSWORD_MIN_LENGTH

A positive integer or 0 which specifies the minimum character length for passwords for instance administrators, workspace administrators, developers, and end user Application Express accounts, when the strong password rules are enabled (see STRONG_SITE_ADMIN_PASSWORD).

SERVICE_ADMIN_PASSWORD_NEW_DIFFERS_BY

A positive integer or 0 which specifies the number of differences required between old and new passwords. The passwords are compared character by character, and each difference that occurs in any position counts toward the required minimum difference. This setting applies to accounts for instance administrators, workspace administrators, developers, and end user Application Express accounts, when the strong password rules are enabled (see STRONG_SITE_ADMIN_PASSWORD).

SERVICE_ADMIN_PASSWORD_ONE_ALPHA

Set to Y to require that workspace administrator, developer, and end user account passwords contain at least one alphabetic character as specified in PASSWORD_ALPHA_CHARACTERS, when the strong password rules are enabled (see STRONG_SITE_ADMIN_PASSWORD).

SERVICE_ADMIN_PASSWORD_ONE_NUMERIC

Set to Y to require that workspace administrator, developer, and end user account passwords contain at least one Arabic numeric character (0-9), when the strong password rules are enabled (see STRONG_SITE_ADMIN_PASSWORD).

SERVICE_ADMIN_PASSWORD_ONE_PUNCTUATION

Set to Y to require that workspace administrator, developer, and end user account passwords contain at least one punctuation character as specified in PASSWORD_PUNCTUATION_CHARACTERS, the strong password rules are enabled (see STRONG_SITE_ADMIN_PASSWORD).

SERVICE_ADMIN_PASSWORD_ONE_UPPER_CASE

Set to Y to require that workspace administrator, developer, and end user account passwords contain at least one uppercase alphabetic character, when the strong password rules are enabled (see STRONG_SITE_ADMIN_PASSWORD).

SERVICE_ADMIN_PASSWORD_ONE_LOWER_CASE

Set to Y to require that workspace administrator, developer, and end user account passwords contain at least one lowercase alphabetic character, when the strong password rules are enabled (see STRONG_SITE_ADMIN_PASSWORD).

SERVICE_ADMIN_PASSWORD_NOT_LIKE_USERNAME

If Y, prevent workspace administrator, developer, and end user account passwords from containing the username, when the strong password rules are enabled (see STRONG_SITE_ADMIN_PASSWORD).

SERVICE_ADMIN_PASSWORD_NOT_LIKE_WS_NAME

Set to Y to prevent workspace administrator, developer, and end user account passwords from containing the workspace name, when the strong password rules are enabled (see STRONG_SITE_ADMIN_PASSWORD).

SERVICE_ADMIN_PASSWORD_NOT_LIKE_WORDS

Enter words, separated by colons, that workspace administrator, developer, and end user account passwords must not contain, when the strong password rules are enabled (see STRONG_SITE_ADMIN_PASSWORD). These words may not appear in the password in any combination of upper- or lowercase.

SERVICE_REQUEST_FLOW

Determines default provisioning mode. Default is MANUAL.

SERVICE_REQUESTS_ENABLED

If set to Y, the default, workspace service requests for schemas, storage, and termination is enabled. If set to N, these requests are disabled.

SESSION_TIMEOUT_WARNING_SEC

The number of seconds before session timeout that a warning displays for internal applications.

SMTP_FROM

Defines the "From" address for administrative tasks that generate email, such as approving a provision request or resetting a password.

Enter a valid email address, for example:

admin@example.com

SMTP_HOST_ADDRESS

Defines the server address of the SMTP server. If you are using another server as an SMTP relay, change this parameter to that server's address.

Default setting:

localhost

SMTP_HOST_PORT

Defines the port the SMTP server listens to for mail requests.

Default setting:

25

SMTP_PASSWORD

Defines the password Application Express takes to authenticate itself against the SMTP server, with the parameter SMTP_USERNAME.

SMTP_TLS_MODE

Defines whether Application Express opens an encrypted connection to the SMTP server. Encryption is only supported on database versions 11.2.0.2 and later. On earlier database versions, the connection is not encrypted.

If set to N, the connection is unencrypted (default).

If set to Y, the connection is encrypted before data is sent.

If STARTTLS, Application Express sends the SMTP commands EHLO <SMTP_HOST_ADDRESS> and STARTTLS before encrypting the connection.

SMTP_USERNAME

Defines the username Application Express takes to authenticate itself against the SMTP server (default is null). Starting with database version 11.2.0.2, Application Express uses UTL_MAIL's AUTH procedure for authentication. This procedure negotiates an authentication mode with the SMTP server. With earlier database versions, the authentication mode is always AUTH LOGIN. If SMTP_USERNAME is null, no authentication is used.

SOCIAL_AUTH_CALLBACK

Callback procedure name for Social Sign-In, defaults to apex_authentication.callback.

SQL_SCRIPT_MAX_OUTPUT_SIZE

The maximum allowable size for an individual script result. Default is 200000.

SSO_LOGOUT_URL

Defines the URL Application Express redirects to in order to trigger a logout from the Single Sign-On server. Application Express automatically appends ?p_done_url=...login url...

Example: https://login.mycompany.com/pls/orasso/orasso.wwsso_app_admin.ls_logout

STRONG_SITE_ADMIN_PASSWORD

If set to Y, the default, the apex_admin password must conform to the default set of strong complexity rules. If set to N, the password is not required to follow the strong complexity rules.

SYSTEM_DEBUG_LEVEL

Defines a default debug level for all incoming requests (null, 1-9) The SQL Plus script utilities/debug/d0.sql can be used to switch between NULL (disabled) and level 9.

SYSTEM_HELP_URL

Location of the help and documentation accessed from the Help link within the development environment. Default is http://apex.oracle.com/doc41.

SYSTEM_MESSAGE

The text to be displayed on the development environment home page. This text can include HTML.

TRACE_HEADER_NAME

This parameter contains a HTTP request header name and defaults to ECID-CONTEXT. The name must be in upper case. Application Express writes the HTTP header value to the activity log's ECID column.

TRACING_ENABLED

If set to Y (the default), an application with Debug enabled can also generate server side db trace files using &p_trace=YES on the URL.

If set to N, the request to create a trace file is ignored.

USERNAME_VALIDATION

The regular expression used to validate a username if the Builder authentication scheme is not Application Express. Default is as follows:

^[[:alnum:]._%-]+@[[:alnum:].-]+\.[[:alpha:]]{2,4}$

WALLET_PATH

The path to the wallet on the file system, for example:

file:/home/<username>/wallets

WALLET_PWD

The password associated with the wallet.

WEBSERVICE_LOGGING

Controls instance wide setting of web service activity log. A, N, or U (Always, Never, Use workspace settings).

WEBSHEET_CREATE_ENABLED

Default N. If set to Y, Create Websheet Application is enabled.

WEBSHEET_SQL_ACCESS

If set to Y, the default, SQL tags and SQL reports are possible in Websheet applications. If set to N, they are not possible.

WORKSPACE_EMAIL_MAXIMUM

Maximum number of emails allowed to be sent by using APEX_MAIL per workspace in a 24 hour period. Default is 1000.

WORKSPACE_MAX_FILE_BYTES

The maximum number of bytes for uploaded files for a workspace. A setting at the workspace-level overrides the instance-level setting.

WORKSPACE_MAX_OUTPUT_SIZE

The maximum space allocated for script results. Default is 2000000.

WORKSPACE_NAME_USER_COOKIE

If set to Y or null (the default), Application Express sends persistent cookies for workspace name and username during login, as well as for language selection. If N, the cookies are not sent.

WORKSPACE_PROVISION_DEMO_OBJECTS

If set to Y, the default, demonstration applications and database objects are created in new workspaces. If set to N, they are not created in the current workspace.

WORKSPACE_WEBSHEET_OBJECTS

If set to Y, the default, Application Express Websheet database objects are created in new workspaces. If set to N, they are not created in the current workspace.

WORKSPACE_TEAM_DEV_FILES_YN

If set to Y, the default, new workspaces will allow file uploads into Team Development. If set to N, new workspaces will not allow file uploads into Team Development, thereby disabling the ability to upload "feature","bug", and "feedback" attachments.

WORKSPACE_TEAM_DEV_FS_LIMIT

The maximum per upload file size of a Team Development file ("feature", "bug", and "feedback" attachments).Default value is 15728640 (15 MB). All possible options are listed below:5 MB - 5242880 | 10 MB - 10485760 | 15 MB - 15728640 | 20 MB - 20971520 | 25 MB - 26214400