1 person found this helpful
Just make sure that workspace user access is what works for your app. Should your app share the workspace with another app (or apps) that also uses default APEX user access, all APEX users created by it, will have access to your app - and all APEX users deleted by it, will be permanent and deny access to these users, to your app.
Thus keep in mind that APEX users are relevant to the workspace and all apps (using default APEX authentication) in that workspace - and this should be managed globally via the workspace, and not managed (and duplicated) at app level.
I would rather look at OpenLDAP for access and user management - this does not tie security for your APEX app down to the local workspace it happens to run in.