Validate Okta bearer token and get user object

We have a microservice architecture. We have a web application written in Backbone.js, and the backend is written in Spring and Spring Boot. We are using an Okta native application.

Our authentication server (written in Spring) authenticates the user with Okta and returns a bearer token to the client web application. The web application then makes requests to the other microservices (which are written in Spring Boot) with the bearer token. How can I authenticate or validate this token and get user information in the Spring Boot application?

If you use Spring’s OAuth support, you should be able to get the user’s information by simply injecting the java.user.Principal object. "Secure a Spring Microservices Architecture with Spring Security and OAuth 2.0" shows you how to do this in a microservices architecture.

1 Like
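An added example (not code from the thread or from the linked article) of a Spring Boot microservice that validates the incoming bearer token and exposes the caller's identity through the injected principal. It assumes Spring Boot 3 with Spring Security's resource-server support, that the access token is a JWT, and that the issuer is an Okta authorization server at the placeholder URL shown; the class name and the `/whoami` path are hypothetical.

```java
// Added example. Assumes spring-boot-starter-web and spring-boot-starter-oauth2-resource-server,
// and this line in application.properties (placeholder issuer, replace with your own):
//   spring.security.oauth2.resourceserver.jwt.issuer-uri=https://{yourOktaDomain}/oauth2/default
import java.security.Principal;
import java.util.Map;

import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.context.annotation.Bean;
import org.springframework.security.config.Customizer;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.core.annotation.AuthenticationPrincipal;
import org.springframework.security.oauth2.jwt.Jwt;
import org.springframework.security.web.SecurityFilterChain;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RestController;

@SpringBootApplication
@RestController
public class ResourceServiceApplication {

    public static void main(String[] args) {
        SpringApplication.run(ResourceServiceApplication.class, args);
    }

    // Every request must carry "Authorization: Bearer <token>"; no server-side session is kept.
    @Bean
    SecurityFilterChain apiSecurity(HttpSecurity http) throws Exception {
        http
            .authorizeHttpRequests(auth -> auth.anyRequest().authenticated())
            .sessionManagement(s -> s.sessionCreationPolicy(SessionCreationPolicy.STATELESS))
            .oauth2ResourceServer(oauth2 -> oauth2.jwt(Customizer.withDefaults()));
        return http.build();
    }

    // The token has already been verified by the filter chain when this method runs.
    @GetMapping("/whoami")
    Map<String, Object> whoami(Principal principal, @AuthenticationPrincipal Jwt jwt) {
        return Map.of(
            "name", principal.getName(),
            "subject", String.valueOf(jwt.getSubject()),
            "issuer", String.valueOf(jwt.getIssuer()),
            "expiresAt", String.valueOf(jwt.getExpiresAt()));
    }
}
```

With only `issuer-uri` configured, Spring Security checks the token's signature against the issuer's published keys, plus the issuer and expiry claims. The audience claim is not checked by default, so a service that should accept only tokens minted for it needs an additional validator.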

Thanks, Matt, for your help.
I tried the approach suggested in the link you shared, but it is giving me an error.


Just for your information, we are using a native application.
Please help.

You likely need to add http://localhost:8080/login to your app’s allowed redirect URIs. You can get the correct value by looking at the parameters in the URL that displays this page.

I don’t think that is the correct application type in Okta. For your frontend Backbone app, you should use the Single-Page Application type. For your Spring backend, use the Web Application type.