Abdelrahman Mahmoud
Hi Matt,
Thanks for the great example.
I’m trying to practice using your example especially the one which using the spring cloud api gateway. And i was trying to implement a user authorization based on created groups in okta.
The question is, what’s the best practice either to apply the authorization on api gateway security or on the endpoint level security?
The thing is, I’m able to apply it on the api gateway security class, but not able to apply it on the endpoint itself using @PreAuthorize(“hasRole(’’)”) or @PreAuthorize(“hasAuthority(’’)”)
Thanks and regards