Simple Token Authentication for Java Apps

oktadev-blog · October 16, 2018, 9:41am

This article explores the benefits of token authentication with JWTs for Java apps.

oktadev-blog · October 21, 2018, 4:20am

aviral75

"this time including your token (depending on how much time has passed, you may need to request a fresh token):" can time to expiry be fixed per token or its always a constant value?

oktadev-blog · November 1, 2018, 4:19pm

Matt Raible

You can change the expiry time by setting up a policy rule. By default, the ID and Access Tokens are valid for 60 min and the Refresh is 100 days. https://uploads.disquscdn.c…

oktadev-blog · February 7, 2021, 8:09am

testBot

I am seeing below error message

additional filter chain; firing Filter: 'OAuth2AuthenticationProcessingFilter’
2021-02-07 07:37:28.531 DEBUG [601f98b8f362e8c4fea5db15157bf77c,fea5db15157bf77c,true] 15420 — [nio-8080-exec-1] p.a.OAuth2AuthenticationProcessingFilter : Authentication request failed: error=“invalid_token”, error_description=“Invalid access token: eyJraWQiOiJzSlBLNlRpbGkxTU0ySzc3VC12RlJ3LVJzSm1LMUhQaVdJdkFYMy1WRUJJIiwiYWxnIjoiUlMyNTYifQ.eyJ2ZXIiOjEsImp0aSI6IkFULlY4SmwxZDdNcmpNT0F1ajJrVzIxUkZENEhHZkRuRWFSWmNTSzBvMVZnbFkiLCJpc3MiOiJodHRwczovL2Rldi00MzY1NzQxLm9rdGEuY29tL29hdXRoMi9kZWZhdWx0IiwiYXVkIjoiYXBpOi8vZGVmYXVsdCIsImlhdCI6MTYxMjY4MTY4OCwiZXhwIjoxNjEyNjg1Mjg4LCJjaWQiOiIwb2FrYWJhN0NDWFkxTFJDNzVkNSIsInNjcCI6WyJjdXN0b21TY29wZSJdLCJzdWIiOiIwb2FrYWJhN0NDWFkxTFJDNzVkNSJ9.wGElBYS60RjIzQJewC7y6wrUnXbzeqLBdsnQpTCxqZYAzp9O0-jTwSii6gabb8uDDt2npOuqUrd0rd4H1JANoD_g1q6eGlXDwzjUovkkHu7C1jaBp4KPMRI87m9YD9a9U7c4wivsP-j69j1CjWkXbGaINpB9f2Hp7-Y9D7_SI0tXuAzUIqsJwTNS48MzccJyWSRjxZGPs_fSVIImFTsRnWvjKawr0UvUHuvYZzT15VqHMUCUf-ybZIF9kcOpaX0CpkXTEOlZv5_KrqRGgaQPKrV68k7gsP5w2aUrL-wAMQh248mHdJmKml3fkmtjbBarUro8k9EPJBMDa5WzhbgO7A”

oktadev-blog · February 9, 2021, 3:46pm

Matt Raible

Are you using the default authorization server for your issuer? If you use your org’s authorization server, you can’t validate tokens and you’ll get an error similar to the one you posted here. See our Authorization Servers documentation for more information.

oktadev-blog · March 21, 2021, 6:25pm

isilona

Got the same error following this blog.
In my case the problem appeared to be because of using the newest library versions
After removing the deprecated @EnableResourceServer annotation, error disappeared

Sid_C06 · March 8, 2022, 12:23pm

I am using okta and enabled resourceServer for jwt validation. However when i am sending the token the first request is taking a lot of time to execute almost 1min. The subsequent request takes less then a second.

mraible · March 8, 2022, 2:40pm

Are you on a slow internet connection? If you try configuring our okta-spring-boot-sample, does it happen with it too?

I noticed you posted this question on Stack Overflow too. Please don’t post your question in two places. We see them both and it just creates more work for us to answer in both places.