Hi There
Before I start, an Apex mobile web app is not a solution here. (I have developed several of them and they are great when they can meet the requirement.).
I have an Apex application - however, field staff need access to data and some functions while in the field and the requirement is to use native apps. I can start with android. (I do not do mobile dev).
I need to provide a secure mechanism to the app developers to connect.
I thought that OAUTH was the way to go - and can get a test case working using grant type ‘authorization_code’ - the recommended mechanism. (Thank you Tim Hill and oracle-base.com)
However when the end user is prompted for their credentials:
- The interface is Oracles OAUTH interface - so Q1 - Can I provide a custom page here and call my own auth function?
- The credentials are for the schema - Q2 - I want the users to provide their own application driven username / password.
What is the best approach here?
I spent a lot of time searching for a worked example of this, what I would think of, as a pretty standard use case. Maybe OAUTH is not the way to go? Security is of course very important.
Env - OCI (DB (19) and Apex (21.1) on bare metal, ORDS on compute instance)
Thank you
Paul