This version is still in development and is not considered stable yet. For the latest stable version, please use Spring Security 6.4.1! |
OAuth 2.0 Resource Server
Spring Security supports protecting endpoints by offering two forms of OAuth 2.0 Bearer Tokens:
-
Opaque Tokens
This is handy in circumstances where an application has delegated its authority management to an authorization server (for example, Okta or Ping Identity). Resource servers can consult this authorization server to authorize requests.
A complete working example for JWT is available in the Spring Security repository. |