FusionAuth
    • Home
    • Categories
    • Recent
    • Popular
    • Pricing
    • Contact us
    • Docs
    • Login

    How to generate and authorized java spring controller using JWT

    Scheduled Pinned Locked Moved
    General Discussion
    fusionauth jwt java client creds
    2
    5
    2.4k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • S
      shyamsundar.k
      last edited by

      I am a starter plan user and want to implement JWT using client credentials flow in my Java Spring Boot Application. I generated the license in the fusion auth portal and set up the auth docker instance. I am getting the below error when generating the JWT token using client_id and secret.

      {
    "error": "not_licensed",
    "error_description": "You must enter a valid license Id in order to use the Entity Management features of FusionAuth, which include the Client Credentials Grant.",
    "error_reason": "not_licensed"
}

      Please help me in forming the correct token generation call and then use the same token to authorize my controller.

      curl --location --request POST 'http://<base_url>:9011/oauth2/token?grant_type=client_credentials&client_id=<>&client_secret=<>&redirect_uri=<url>' \
--data ''
      danD 1 Reply Last reply Reply Quote 1
      • danD
        dan @shyamsundar.k
        last edited by

        @shyamsundar-k

        It looks like you haven't entered the license Id on your instance. You can do so by following the steps outlined here:

        https://fusionauth.io/docs/v1/tech/admin-guide/licensing

        --
        FusionAuth - Auth for devs, built by devs.
        https://fusionauth.io

        S 2 Replies Last reply Reply Quote 0
        • S
          shyamsundar.k @dan
          last edited by

          @dan Thanks. I am able to add the license now.

          1 Reply Last reply Reply Quote 1
          • S
            shyamsundar.k @dan
            last edited by

            @dan I have a Java Rest API. How to authenticate the APIs using generated tokens? What are the steps?

            We need to pass the token in the API header as Authorization: Bearer<token> But what is the process so that I can validate the endpoint with the valid token if the token is invalid or does not have the required roles or scope then I should get 401 else I should be able to access the API successfully.

            danD 1 Reply Last reply Reply Quote 0
            • danD
              dan @shyamsundar.k
              last edited by

              @shyamsundar-k said in How to generate and authorized java spring controller using JWT:

              We need to pass the token in the API header as Authorization: Bearer<token> But what is the process so that I can validate the endpoint with the valid token if the token is invalid or does not have the required roles or scope then I should get 401 else I should be able to access the API successfully.

              Once you have a token in your API, you can validate it in two different ways. But it's worth noting that to validate the token, you must validate the signature and then the claims.

              First option: use a library to validate the signature. Most languages have options. For java, you can use fusionauth-jwt, the readme has sample code.

              Second option: use the validate API. You could use the FusionAuth client library to make this call if you'd like.

              The first means you have to pick a library. The second means you have to make a network call.

              Either way, after you validate the signature, you need to check the claims (issuer, audience, expiration, custom claims) to make sure they are what you expect.

              Here's more about how to consume a JWT.

              --
              FusionAuth - Auth for devs, built by devs.
              https://fusionauth.io

              1 Reply Last reply Reply Quote 0
              • First post
                Last post