Kinde • Created by brandonrk. on 5/16/2024 in #💻┃support
Secure Spring Boot App - M2M Tokens
How do I add authorization to my Spring Boot application (Gateway Server) for 3rd-party services? (I want to restrict access to certain API endpoints.)
I tried to use the M2M tokens, but I am getting a 403 error on my API because scopes are not sent. (I tried to issue a client creds token with scopes, but with no success. I added aud as my domain.)
I did it without the SDK, just with the Security config:
```java
httpSecurity.authorizeExchange(exchanges ->
        exchanges.pathMatchers("/demo/**").authenticated())
    .oauth2ResourceServer(
        oAuth2ResourceServerSpec -> {
            oAuth2ResourceServerSpec.jwt(jwtSpec ->
                jwtSpec.jwtDecoder(JwtDecoders.fromIssuerLocation("https://myapidomain/api")));
        }).build();
```
In my application.yaml I did it like this:
```yaml
oauth2:
  resourceserver:
    jwt:
      jwk-set-uri: "https://mysubdomain.kinde.com/.well-known/jwks.json"
      issuer-uri: "https://myapidomain/api"
      jws-algorithms: RS256
```