Learn how to use OAuth 2.0’s client credentials grant to communicate between apps secured by Spring Security.
Hello, thx for great article, seems works as expected with one exception
I’m receiving from authority server error due to Accept=application/json HTTP header is missing in request.
Could it be customized, somehow?
Thank your for the post! Without doubt the best one about how to do OAuth2 properly with Spring, everything crystal water clear!
This is a great post!. When i followed the steps. I am getting error on this line . Its expecting authentication but passed string to principal. Could you please guide me on this ?
OAuth2AuthorizeRequest authorizeRequest = OAuth2AuthorizeRequest.withClientRegistrationId(“okta”)
Hi Andrew!..Could you please share your thoughts on the above authorizeRequest. Any help or pointers is a great help.
Hey @srinivaskucherla! Can you share the exact error message you are seeing?
It looks like you changed port to
11033 and added a callback route?
Are you mixing different examples together? In general, you should let the framework (Spring Security in this case) handle the callback.
Maybe we should take a step back and move this to the Okta Developer Forum? (if you start a thread, please add a link back here so anyone can follow along!)
https://devforum.okta.com/t… I created a new topic. Also my other question is my local host runs at 11033 port. I have updated that in Application configuration in Okay admin console. Is port number an issue ?
The port number is less of an issue, if you have everything configured. If you have trouble though I usually recommend, getting things working as is, and then changing one thing at a time until get to your end goal.
Hi Andrew, this was great, thanks for posting, one issue I’m having is I have multiple clients and so require multiple OAuthClientConfiguration classes but can only seem to define the one, any thoughts on how this can be achieved please?
You should be able to define multiple
ClientRegistration, each with a unique id. But you would only define the other beans like the
Does that help?
Can you we add clients dynamically after the service starts. If so , how can resolve the clients . Use case : Lets say customer entering the IDP information configuration in a form. We want to make sure entered values are actually valid values and working. So want to create a temp client add it to ClientRegistrationRepository and test it. If the test is successful. Then we can allow the user to save the auth config values. Any thoughts on this would be a great help.