Security
Security in Mendix has two sides: you want different people to see different parts of your application and you want to prevent unauthorized access. Both of these can be managed from Studio Pro, discussions around the topic right here in this Space!
MFA for all platform Users
https://community.mendix.com/link/spaces/security/ideas/5546
Support Online Certificate Status Protocol (OCSP) Stapling
https://community.mendix.com/link/spaces/security/ideas/5535
Block access to /api-doc/, /ws-doc/, and /rest-doc/ from YAML configuration in Mendix On-Premises
https://community.mendix.com/link/spaces/security/questions/145744
Add Public Cloud APIs for Automated TLS/SSL Certificate Management
https://community.mendix.com/link/spaces/security/ideas/5419
Error : Can not write a field name, expecting a value
https://community.mendix.com/link/spaces/security/questions/137161
Make OIDC Module timeout settings configurable.
https://community.mendix.com/link/spaces/security/ideas/5175
Please also support roles in Identity Token instead of Access Token in your OIDC marketplace module
https://community.mendix.com/link/spaces/security/ideas/4794
Error: Attempt to illegally change a value for object with id '
' (
). Object hash is invalid!
https://community.mendix.com/link/spaces/security/questions/134215
Require MFA within Mendix for Private Cloud Production environments
https://community.mendix.com/link/spaces/security/ideas/3622
OIDC SSO with Google – “DecodeAndVerifyJWT” error
https://community.mendix.com/link/spaces/security/questions/145473
Possibilities to hide or disable Mendix API Swagger page
https://community.mendix.com/link/spaces/security/questions/145437
Mendix API communicate with Local API
https://community.mendix.com/link/spaces/security/questions/145424
Microflow Url - Redirect not working
https://community.mendix.com/link/spaces/security/questions/131353
OAuth2 for external DB connector
https://community.mendix.com/link/spaces/security/ideas/5432
How do I check if OpenSSL is compromised (CVE-2025-15467)?
https://community.mendix.com/link/spaces/security/questions/145190
Static IP address availability or workaround for Mendix Public Cloud application
https://community.mendix.com/link/spaces/security/questions/145145
Automatically scan for NPM vulnerabilities in my Mendix projects
https://community.mendix.com/link/spaces/security/questions/144611
reCAPTCHA V3 in Mendix
https://community.mendix.com/link/spaces/security/questions/101151
Facing Problem while creating Login Page
https://community.mendix.com/link/spaces/security/questions/144882
To be sure: is Shai-Hulud npm Supply Chain Attack a threat for mendix webapps or native apps?
https://community.mendix.com/link/spaces/security/questions/144457