Using Spring resource sever: calling “/api/user/register
@Override
protected void configure(HttpSecurity http) throws Exception {
http.authorizeRequests()
.antMatchers(”/resources/", “/error”, "/api/user/").permitAll()
// Require authentication for all requests under /api/private
.antMatchers("/api/private/**").authenticated()
.and()
.oauth2ResourceServer().jwt();
// process CORS annotations
http.cors();
// force a non-empty response body for 401's to make the response more browser friendly
Okta.configureResourceServer401ResponseBody(http);
}