Spring Boot Angular user Group Id in authorities

I have used tutorial

and created an Angular and Spring Boot application. Everything works perfectly. I just need to receive the logged-in user's group from Okta as an authority, so I can secure my APIs based on role/group.
For this purpose, I created two groups

and in the application, I have given access to the users of both groups.


Then, in API Authorization Servers, I added claims to provide groups matching regex .* for both type Access and type ID.
However, I am still not able to receive the group ID of the user, cm_user or cm_admin, in the Spring Boot application's authorities of the Principal.
Please advise what I am missing and let me know if any additional details are needed.

Another thing I want to mention is that the token fetched from the “Preview Token” app is returning roles properly; however, they are not being set as authorities in Spring Boot.

I think I found the issue. I had to debug the Spring Boot okta-spring-security-oauth2 jar to figure this out.
Basically, it's looking by default for ‘groups’, whereas Okta is returning the groups as ‘roles’.
I just had to add okta.oauth2.rolesClaim as ‘roles’.

We can close this request. Hope it helps someone.
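
The mismatch described in the post above can be checked without stepping through the jar. This is an added example, not code from the original posts or from Okta: a Python check that decodes a token payload and compares the claim name the application is configured to read with the claim that actually carries the group names. The function names and the sample token are constructed for illustration, and it assumes the groups arrive as a JSON array of strings.

```python
import base64
import json


def jwt_claims(token):
    """Decode a JWT payload WITHOUT verifying the signature (inspection only)."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("expected header.payload.signature")
    payload = parts[1] + "=" * (-len(parts[1]) % 4)  # restore base64url padding
    return json.loads(base64.urlsafe_b64decode(payload))


def check_roles_claim(token, configured_claim, expected_groups):
    """Compare the claim name the application is configured to read with the
    claim that actually carries the group names in the token."""
    claims = jwt_claims(token)
    value = claims.get(configured_claim)
    # Assumption: groups arrive as a JSON array of strings under one claim.
    authorities = sorted(v for v in value if isinstance(v, str)) if isinstance(value, list) else []
    candidates = sorted(
        name for name, val in claims.items()
        if isinstance(val, list) and expected_groups & {v for v in val if isinstance(v, str)}
    )
    return {"authorities": authorities, "candidate_claims": candidates}


def _segment(obj):
    raw = json.dumps(obj).encode()
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()


# Constructed sample token (not a real Okta token; the signature is a placeholder).
SAMPLE_TOKEN = ".".join([
    _segment({"alg": "RS256", "typ": "JWT"}),
    _segment({"sub": "user@example.com", "scp": ["openid", "profile"], "roles": ["cm_admin"]}),
    "placeholder-signature",
])

if __name__ == "__main__":
    groups = {"cm_user", "cm_admin"}
    for claim in ("groups", "roles"):  # the default per the post, then the fix
        print(claim, check_roles_claim(SAMPLE_TOKEN, claim, groups))
```

An empty `authorities` list alongside a non-empty `candidate_claims` list is the situation in the post: the token carries the groups, but under a different claim name than the one being read. The decoded claims are unverified, so this is a diagnostic only and not a basis for authorization decisions.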

Hi @balu.vyamajala,

I’ve been struggling with the same issue. Could you share some snippets of your configuration and properties?

Thank you!

Best Regards,
