Hello, I have set up Spring Boot security with OAuth 2 using JWT and it works fine. The requests are Secured and validated through my console.
However, I want to use the Users API to get the current user’s Firstname & Lastname so that we can autopopulate the internal Users table data on our private DB. Users | Okta Developer
It says here to use header:
-H "Authorization: SSWS ${api_token}" \
But that is not working with our Jwt token, I have also tried setting as Bearer:
String oktaUserUrl = "https://myauth-dev.ice.gov/api/v1/users/me";
Map<String, String> map;
Jwt credential = (Jwt) SecurityContextHolder.getContext().getAuthentication().getCredentials();
try (CloseableHttpClient httpClient = HttpClientBuilder.create().build()) {
ObjectMapper mapper = new ObjectMapper();
HttpGet request = new HttpGet(oktaUserUrl);
request.addHeader(HttpHeaders.ACCEPT, "application/json");
request.addHeader(HttpHeaders.CONTENT_TYPE, "application/json");
request.addHeader(HttpHeaders.AUTHORIZATION,
"Bearer " + credential);
HttpResponse result = httpClient.execute(request);
String json = EntityUtils.toString(result.getEntity(), "UTF-8");
map = mapper.readValue(json, Map.class);
httpClient.close();
} catch (IOException ex) {
}
The credential object looks correct when I inspect the values, there is nothing to indicate any problem with the token data at all. The sub email is there, the tokenValue is there… it all looks good.
Yet, I keep getting a 401 error saying Unauthorized Access… I tried the url https://myauth-dev.ice.gov/api/v1/users/me and get the valid results in browser when I am logged in.
Can you please advice as to what settings I need to configure my HttpClient to get this to work? Is it possible this needs to be added into the Okta Admin Console for our internal application as well?