Build Single Sign-on in Java

Build Single Sign-on in Java

This tutorial builds and connects multiple applications to a single OAuth 2.0 Resource Server.

Jefferson Sousa

I was not able to pass on from the part of running the first application. It does not run on spring tool suite or maven. I’m a Junior developer, so it can be that too. I changed the file.Description:

Binding to target Failed to bind properties under ‘okta.oauth2’ to com.okta.spring.boot.oauth.config.OktaOAuth2Properties failed:

Property: okta.oauth2.issuer
Value: {}
Origin: class path resource []:1:20
Reason: null


Update your application’s configuration

Okta Developers

Remove the brackets {…} and just keep the … part. That should solve your problem.

Jefferson Sousa

I did! Thank you. Content great!


I can get “Amanda Tester” and “Tanya Tester” to login to the “client1” and “client2” apps, but the client1/client2 fail when they try to access:

this.resourceServerUrl + "/welecomeMessage"

I’m not sure why the “OIDC Resource Server” is not allowing access. What am I missing here?

Brian Demers

Double check that the Authorization Server you created has the correct Audience. If you just signed up for an Okta Developer account, one is automatically created for you, but that Audience would be set to api://default. So make sure you created one as described above.

If that doesn’t work, my go-to is turning up the logging for Spring Security (or just the root logger in a pinch). Spring Security doesn’t log authentication errors at the default levels (for good reason, as this could be log spam).

Keep us posted!


That’s what it was! I had api://oidcauthsevrer instead of api://oidcauthserver.
Thanks @disqus_u7ZhPHjjDC !

Brian Demers



I am always getting bad request on hitting url http://localhost:8080… Working after assigning the apps explicitly to users… ?

vamshi r

How to do same SSO by Java servlet as application

Adrian Campanaro

On step Create a Service Application for Your Resource Server
I am trying to create OAuth Service but it does not allow me to do so.