Let’s considering the paper about Oracle REST Data Service authentication
It’s a very useful for starting with Oauth.
I’m adding just some infos about user authentication. In the paper above, the following scenarii are considered:
- Flat file user directory at ORDS level
- Tomcat file repository
- Tomcat JDBSRealm
- Database authentication
In fact, we can add a fifth option which is: APEX user directory.
That means that in every case (first party authentication or Oauth) we can rely on the embedded directory in APEX. The only requirement is that the APEX user be enrolled in a group with the same name as the role name mapped with the module or the url pattern. That’s all.