Skip to Main Content
Feature Request FR-3840
Product Area APIs
Status CLOSED

8 Voters

APEX_CREDENTIAL API improvements

pmushkov Public · Jun 15 2024

Idea Summary
The APEX_CREDENTIAL API is a great way to keep your secret API keys secure. It is doing a great job in allowing developers to use PL/SQL for creating and editing Credentials, just like using the APEX Builder.

There are however some ways to improve the API and its documentation, so that it is used by more developers and in more use cases. Here are some pain points I recently had while using the API:

  • The Oracle APEX API Reference Documentation does NOT have an example of setting the C_TYPE_HTTP_HEADER (HTTP Header) and C_TYPE_HTTP_QUERY_STRING (URL Query String) types of credentials using the procedure apex_credential.set_persistent_credentials. Both Authentication Types are frequently used with 3rd party APIs that require the use of API key. (SET_PERSISTENT_CREDENTIALS Procedure Signature 1 and SET_PERSISTENT_CREDENTIALS Procedure Signature 2). Signature 1 covers OAuth2 and OCI Authentication Types, while Signature 2 covers the Basic Authentication Type.  
  • I have tested both version of the SET_PERSISTENT_CREDENTIALS procedure and they seem to work for both HTTP Header and URL Query String Authentication types. However, none of it is documented and most importantly, the procedure parameters do NOT match the APEX Builder labels for both of these types. See example:
apex_credential.set_persistent_credentials (
    p_credential_static_id => 'MY_HTTP_HEADER_API_KEY',
    p_client_id            => 'x-api-key',
    p_client_secret        => 'YOUR_API_KEY' );

 apex_credential.set_persistent_credentials (
    p_credential_static_id => 'MY_HTTP_HEADER_API_KEY',
    p_username             => 'x-api-key',
    p_password             => 'YOUR_API_KEY' );

Use Case  

Preferred Solution (Optional)
Overloaded procedure might not be suitable here, as Signature 2 already has three varchar2 parameters, which will also be the case with the ones needed for HTTP Header and URL Query String. However, some good examples in the documentation should be enough for developers to get started:

BEGIN
    apex_credential.set_persistent_credentials (
    p_credential_static_id => 'ANTHROPIC_API',
    p_username      	   => 'x-api-key', -- actually Credential Name
    p_password    		 => 'YOUR_API_KEY ); -- actually Credential Secret
END;

---------------------------------------------------------------------
Optional: a new signature of the procedure
14.6-14.7 SET_API_KEY_PERSISTENT_CREDENTIALS Procedure

This procedure sets Credential Name and Credential Secret for the provided credential persistently. Typically used for HTTP Header and URL Query String authentication.

Syntax

PROCEDURE SET_API_KEY_PERSISTENT_CREDENTIALS (
    p_credential_static_id  IN VARCHAR2,
    p_credential_name       IN VARCHAR2,
    p_credential_secret     IN VARCHAR2 );

Parameters

p_credential_static_id  - Credential static ID. 
p_credential_name - Credential name (example: apiKey, x-api-key or whatever the API provider decided to name the API Key name). 
p_credential_secret - Credential secret (example: your secret API Key). 

Example

Sets API Key name and API Key Secret into credential ANTHROPIC_API persistently.

BEGIN
    apex_credential.set_ape_key_persistent_credentials (
    p_credential_static_id => 'ANTHROPIC_API',
    p_credential_name      => 'x-api-key',
    p_credential_secret    => 'YOUR_API_KEY );
END;
This idea submission relates to an APEX bug and will be tracked in our bug system.

Comments

Comments

  • carsten.czarski APEX Team OP 1.6 years ago

    Thank you for reporting this: I created a ticket for doc people to add the missing “Signature 3”, which is already available (similar to SET_SESSION_CREDENTIALS), but which is just missing in the documentation.

    Closing this idea, as this is actually a (documentation) bug.