I have two Spring Boot apps (gonna refer to them as service A and service B).
Want to demo a couple of use cases:
1. Service A makes calls to service B using a “Client Credentials Grant”. I was able to get this to work by configuring service B as a “resource server” (@EnableResourceServer). It doesn’t work unless I do that, which is fine, no problem here so far.
2. Service A makes calls to service B on behalf of a user that has authenticated with service A using his/her name/password (Authorization Code Grant). When service A is making the call to service B, service A is grabbing the “id token” from the security context and sending it as a “Bearer” token in the Authorization header set in the REST template. Service B is complaining that the “aud” does not match the expected audience of “api://default”. It seems “aud” in the token is set to service A’s client id. So I assume I can’t just use that token (which is a JWT token) as a Bearer token to make calls to service B. How do I make calls to service B from service A on behalf of the logged-in user?
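
The audience check behind the error described above, as an added example that is not part of the original post: it decodes two constructed, unsigned sample tokens and applies the "aud" comparison a resource server makes. The client id placeholder, the sample claims and the function names are assumptions, as is the access token carrying "api://default" in "aud".

```python
import base64
import json

EXPECTED_AUDIENCE = "api://default"      # audience service B expects (from the post)
CLIENT_ID_A = "service-a-client-id"      # placeholder, not a real client id


def b64url(data: dict) -> str:
    raw = json.dumps(data, separators=(",", ":")).encode()
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()


def make_unsigned_jwt(claims: dict) -> str:
    """Build a constructed sample token: header.payload.<empty signature>."""
    return b64url({"alg": "none"}) + "." + b64url(claims) + "."


def read_claims(token: str) -> dict:
    """Decode the payload for inspection only; no signature verification here."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("not a compact JWT")
    payload = parts[1] + "=" * (-len(parts[1]) % 4)   # restore stripped padding
    return json.loads(base64.urlsafe_b64decode(payload))


def audience_matches(claims: dict, expected: str) -> bool:
    """RFC 7519 allows 'aud' to be a single string or a list of strings."""
    aud = claims.get("aud")
    if isinstance(aud, str):
        return aud == expected
    if isinstance(aud, list):
        return expected in aud
    return False                                      # missing or malformed aud


def accepted_by_service_b(token: str) -> bool:
    # A real resource server also verifies signature, issuer and expiry first.
    return audience_matches(read_claims(token), EXPECTED_AUDIENCE)


# Constructed samples: the ID token is addressed to the client that logged the
# user in; the access token is addressed to the API.
ID_TOKEN = make_unsigned_jwt({"sub": "user-1", "aud": CLIENT_ID_A})
ACCESS_TOKEN = make_unsigned_jwt({"sub": "user-1", "aud": EXPECTED_AUDIENCE})

if __name__ == "__main__":
    print("id token accepted:    ", accepted_by_service_b(ID_TOKEN))
    print("access token accepted:", accepted_by_service_b(ACCESS_TOKEN))
```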