Idea Summary
Allow an application to register and use multiple authentication schemes out-of-the-box (for example Basic, Social Sign-In, SAML, OAuth2) and have APEX automatically handle deep-linking (capture & redirect RETURN_URL) for all of them, just as it does today for a single, native scheme.
Use Case
- Mixed-access applications: Some pages public, some behind SAML, others via social login or custom REST-based auth.
- Progressive rollout: Enable e.g. Social Sign-In on a subset of pages without disrupting existing database-user login.
- Multi-tenant portals: Different customers require different identity providers (Azure AD, Google, Facebook) within the same app.
- Consistent UX: Regardless of which scheme the user picks, deep-links (e.g. email notifications, bookmarks) always send them to the intended page after login.
Preferred Solution (Optional)
- APEX Builder Enhancement
- In Shared Components > Authentication Schemes, allow selecting multiple active schemes and map each scheme to page-ranges or URL patterns.
- Automated Deep-Linking
- Under the covers, APEX would:
- On first request, detect the intended scheme, store the RETURN_URL in session/cookie
- After authentication, retrieve and redirect to that RETURN_URL
- Expose a declarative toggle (“Enable deep-linking”) so developers don’t have to write their own cookie/process logic.
- Plugin API
- Extend
apex_authentication APIs so custom schemes automatically inherit the RETURN_URL handling without extra PL/SQL.