Configure Security Options for Applications
Administrators can use the Security panel in the Tenant Settings page to require authentication for all applications in the instance.
When an administrator enables the Allow only secure applications to be created option, all published and staged applications in the instance will require user authentication. When the option is enabled, users must log in to access the applications in the instance, even if anonymous access is allowed in the application's settings. When the option is not enabled, applications can be created that allow access to anonymous users.
When an application has the default security settings, any user with a valid login can access the pages in an application. A developer can modify the default security settings to define the roles that can access applications, pages and components.
When the secure application option is enabled, an administrator can enable the Only Visual Builder Users can access secure applications option so that only Visual Builder users (those assigned the default Service User role) can access the staged and published applications in the instance. For example, this allows you to configure security so that users assigned the Visual Builder Developer role can access the designer, but can’t access the published application and data because they are not assigned the Visual Builder Service User role.
An administrator can also use IDCS roles when configuring the instance's security so that a user's access is limited to just the secure applications. Users assigned the selected IDCS role would be able to access the applications, but would be prevented from accessing Visual Builder or Oracle Integration resources external to the application, such as other Oracle Integration integrations.
To configure the security options for all applications in the instance: