• Home
  • Categories
  • Recent
  • Popular
  • Pricing
  • Contact us
  • Docs
  • Login
FusionAuth
  • Home
  • Categories
  • Recent
  • Popular
  • Pricing
  • Contact us
  • Docs
  • Login

How to generate and authorized java spring controller using JWT

Scheduled Pinned Locked Moved
General Discussion
fusionauth jwt java client creds
2
5
2.4k
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • S
    shyamsundar.k
    last edited by 29 Jul 2023, 19:11

    I am a starter plan user and want to implement JWT using client credentials flow in my Java Spring Boot Application. I generated the license in the fusion auth portal and set up the auth docker instance. I am getting the below error when generating the JWT token using client_id and secret.

    {
    "error": "not_licensed",
    "error_description": "You must enter a valid license Id in order to use the Entity Management features of FusionAuth, which include the Client Credentials Grant.",
    "error_reason": "not_licensed"
}

    Please help me in forming the correct token generation call and then use the same token to authorize my controller.

    curl --location --request POST 'http://<base_url>:9011/oauth2/token?grant_type=client_credentials&client_id=<>&client_secret=<>&redirect_uri=<url>' \
--data ''
    D 1 Reply Last reply 1 Aug 2023, 14:08 Reply Quote 1
    • D
      dan @shyamsundar.k
      last edited by 1 Aug 2023, 14:08

      @shyamsundar-k

      It looks like you haven't entered the license Id on your instance. You can do so by following the steps outlined here:

      https://fusionauth.io/docs/v1/tech/admin-guide/licensing

      --
      FusionAuth - Auth for devs, built by devs.
      https://fusionauth.io

      S 2 Replies Last reply 1 Aug 2023, 20:09 Reply Quote 0
      • S
        shyamsundar.k @dan
        last edited by 1 Aug 2023, 20:09

        @dan Thanks. I am able to add the license now.

        1 Reply Last reply Reply Quote 1
        • S
          shyamsundar.k @dan
          last edited by 1 Aug 2023, 20:13

          @dan I have a Java Rest API. How to authenticate the APIs using generated tokens? What are the steps?

          We need to pass the token in the API header as Authorization: Bearer<token> But what is the process so that I can validate the endpoint with the valid token if the token is invalid or does not have the required roles or scope then I should get 401 else I should be able to access the API successfully.

          D 1 Reply Last reply 4 Aug 2023, 18:19 Reply Quote 0
          • D
            dan @shyamsundar.k
            last edited by 4 Aug 2023, 18:19

            @shyamsundar-k said in How to generate and authorized java spring controller using JWT:

            We need to pass the token in the API header as Authorization: Bearer<token> But what is the process so that I can validate the endpoint with the valid token if the token is invalid or does not have the required roles or scope then I should get 401 else I should be able to access the API successfully.

            Once you have a token in your API, you can validate it in two different ways. But it's worth noting that to validate the token, you must validate the signature and then the claims.

            First option: use a library to validate the signature. Most languages have options. For java, you can use fusionauth-jwt, the readme has sample code.

            Second option: use the validate API. You could use the FusionAuth client library to make this call if you'd like.

            The first means you have to pick a library. The second means you have to make a network call.

            Either way, after you validate the signature, you need to check the claims (issuer, audience, expiration, custom claims) to make sure they are what you expect.

            Here's more about how to consume a JWT.

            --
            FusionAuth - Auth for devs, built by devs.
            https://fusionauth.io

            1 Reply Last reply Reply Quote 0
            5 out of 5
            • First post
              5/5
              Last post