Load Spring UserProfile using OKTA access_token

Hi Team,

I have setup Spring Boot resource server to use the OKTA access token and security is working fine.
I am trying to load the UserProfile using this access_token as I need to inject more User details information which I am getting from my local service. We want to use both OKTA and local service to achieve authentication and authorization.

Can someone point me in right direction about how to achieve this?

Hi @KD84

To add more claims into access tokens, you would need to have API Access Management feature enabled on your Okta tenant. This feature is free for developer orgs and paid in production ones.

If you have API Access Management enabled and you are using a custom authorization server (eg. the issuer looks something like “https://org.okta.com/oauth2/default” or “https://org.okta.com/oauth2/auss64hoq4PQUNXNa2q6” and not “https://org.okta.com”), then please navigate to Admin >> (Security) >> API >> Authorization Servers >> your authorization server >> Claims tab and add the claims as described here.

Thanks @dragos.

I looked up information provided and its helpful as well. Though my question more around Spring Security 5, do I any customization to load Spring UserDetails from access_token. Is there any sample out there which would tell me how to generate custom UserDetails from access_token in Spring resource server?