Security

Security in Mendix has two sides: you want different people to see different parts of your application and you want to prevent unauthorized access. Both of these can be managed from Studio Pro, discussions around the topic right here in this Space!

• Make OIDC Module timeout settings configurable.

  https://community.mendix.com/link/spaces/security/ideas/5175

• Please also support roles in Identity Token instead of Access Token in your OIDC marketplace module

  https://community.mendix.com/link/spaces/security/ideas/4794

• Error: Attempt to illegally change a value for object with id '' (). Object hash is invalid!

  https://community.mendix.com/link/spaces/security/questions/134215

• Require MFA within Mendix for Private Cloud Production environments

  https://community.mendix.com/link/spaces/security/ideas/3622

• OIDC SSO with Google – “DecodeAndVerifyJWT” error

  https://community.mendix.com/link/spaces/security/questions/145473

• Possibilities to hide or disable Mendix API Swagger page

  https://community.mendix.com/link/spaces/security/questions/145437

• Mendix API communicate with Local API

  https://community.mendix.com/link/spaces/security/questions/145424

• Microflow Url - Redirect not working

  https://community.mendix.com/link/spaces/security/questions/131353

• OAuth2 for external DB connector

  https://community.mendix.com/link/spaces/security/ideas/5432

• Add Public Cloud APIs for Automated TLS/SSL Certificate Management

  https://community.mendix.com/link/spaces/security/ideas/5419

• How do I check if OpenSSL is compromised (CVE-2025-15467)?

  https://community.mendix.com/link/spaces/security/questions/145190

• Static IP address availability or workaround for Mendix Public Cloud application

  https://community.mendix.com/link/spaces/security/questions/145145

• Automatically scan for NPM vulnerabilities in my Mendix projects

  https://community.mendix.com/link/spaces/security/questions/144611

• reCAPTCHA V3 in Mendix

  https://community.mendix.com/link/spaces/security/questions/101151

• Facing Problem while creating Login Page

  https://community.mendix.com/link/spaces/security/questions/144882

• To be sure: is Shai-Hulud npm Supply Chain Attack a threat for mendix webapps or native apps?

  https://community.mendix.com/link/spaces/security/questions/144457

• Make inactive user active during standard login

  https://community.mendix.com/link/spaces/security/questions/144913

• Restrict CTR roles from viewing sensitive/confidential information.

  https://community.mendix.com/link/spaces/security/ideas/5351

• DB Encryption with application understanding

  https://community.mendix.com/link/spaces/security/questions/144851

• Export user roles

  https://community.mendix.com/link/spaces/security/questions/144834