Securing a REST API with OAuth 2.0
-
Introduction5m
-
-
LockedAdding Authentication5mLockedLimits of HTTP Basic5mLockedOAuth 2.0 and JWT10mLockedLab: Adding OAuth 2.0 Bearer JWT Authentication5mLockedAccessing Authentication in Spring MVC10mLockedLab: Accessing Authentication in Spring MVC30mLockedThe Big Picture10mLockedAccessing Authentication Anywhere10mLockedAccessing Authentication Anywhere20mLockedValidate Claims10mLockedLab - Validate Claims25mLockedProcessing Failures10mLockedLab - Processing Failures20m
-
-
-
LockedAuthorization Models Overview - Request vs. Method10mLockedOAuth 2.0 Scopes10mLockedAdding Request Authorization10mLockedLab: Adding Request Authorization10mLockedAdding Method Authorization10mLockedLab: Adding Method Authorization10mLockedAdding Data Authorization10mLockedLab: Adding Data Authorization10mLockedAdding Delegated Authorization10mLockedLab: Connecting to an Authorization Server10m
-
-
CompletedConclusion
Get free Spring training, led by the experts
Give your skills and career a bump with Spring—the world’s most popular Java framework. Your free account gives you access to our growing library of hands-on training, straight from the Spring experts.
In this lesson, we briefly covered OAuth 2.0 and JWT. We described the roles of OAuth 2.0's three kinds of actors and how they interact with one another. We also described JSON Web Tokens and that they consist of a series of claims about the principal.
Let's now put it all together in a lab, changing out HTTP Basic for OAuth 2.0 Bearer JWTs.
Felipe Gutierrez
Staff Engineer
Over 30 years of IT experience, during which he has developed programs for companies in multiple vertical industries, such as government, retail, healthcare, education, and banking. Book Author from Apress. Currently writing the Pro Spring Boot 3rd Edition.
Josh Cummings
Staff Engineer and Spring Security committer
Spring Security committer, Pluralsight author, and juggler.
Give Feedback
Help us improve by sharing your thoughts.