APEX 24.2
We have an application which is installed by a number of customers. The application is not multi-tenanted.
Each customer has their own authentication scheme: they authenticate against their own IDP, e.g. Entra, Okta, OpenID, etc. Each scheme also requires web credentials. Some customers have multiple schemes, each specific for an environment e.g. Training, User Acceptance, Production.
This means that we have a large number of authentication schemes defined and a large number of buttons on the login page, which are only displayed for the correct customer installation. The button selects the correct authentication scheme by using the APEX_AUTHENTICATION request.
We also have our own scheme to allow us to access the installation in a support role in any customers environment, through a ‘support’ button.
We are considering using the application Security Attributes/Authentication/Configuration Procedure as a way of reducing this complexity - we'd have an authentication scheme per method e.g. Entra, OpenID, Okta, etc. We'd only need one login button as the scheme configuration would identify the appropriate scheme and the parameters that need to be populated.
Unfortunately, this doesn't work with our ‘support’ login as we don't seem to be able to let the configuration procedure know which ‘button’ is being used - session values, etc. aren't set until after the authentication callback occurs.
Any ideas on how we can use both configured authentication schemes and our own defined authentication scheme?