{"id":22268173,"url":"https://github.com/curityio/springboot-api-jwt-validation","last_synced_at":"2026-04-29T08:32:49.426Z","repository":{"id":74437599,"uuid":"355593819","full_name":"curityio/springboot-api-jwt-validation","owner":"curityio","description":"Spring Boot API OAuth Integration and Validation of JWTs","archived":false,"fork":false,"pushed_at":"2023-06-16T07:13:29.000Z","size":77,"stargazers_count":2,"open_issues_count":0,"forks_count":1,"subscribers_count":5,"default_branch":"main","last_synced_at":"2025-01-30T13:31:10.114Z","etag":null,"topics":["api","claims","code-example","jwt-validation","oauth2","scopes","spring-boot","zero-trust"],"latest_commit_sha":null,"homepage":"https://curity.io/resources/learn/spring-boot-api/","language":"Java","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/curityio.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2021-04-07T15:24:57.000Z","updated_at":"2023-04-26T10:24:59.000Z","dependencies_parsed_at":"2024-12-03T11:11:54.283Z","dependency_job_id":"83fca344-bca7-4e86-a4af-2d5cb71ddc88","html_url":"https://github.com/curityio/springboot-api-jwt-validation","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/curityio%2Fspringboot-api-jwt-validation","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/curityio%2Fspringboot-api-jwt-validation/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/curityio%2Fspringboot-api-jwt-validation/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/curityio%2Fspringboot-api-jwt-validation/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/curityio","download_url":"https://codeload.github.com/curityio/springboot-api-jwt-validation/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":245486156,"owners_count":20623239,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["api","claims","code-example","jwt-validation","oauth2","scopes","spring-boot","zero-trust"],"created_at":"2024-12-03T11:11:48.620Z","updated_at":"2026-04-29T08:32:44.405Z","avatar_url":"https://github.com/curityio.png","language":"Java","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Spring Boot API OAuth Integration\n\n[![Quality](https://img.shields.io/badge/quality-experiment-red)](https://curity.io/resources/code-examples/status/)\n[![Availability](https://img.shields.io/badge/availability-source-blue)](https://curity.io/resources/code-examples/status/)\n\nA basic sample to show how to use Spring Boot as an OAuth framework for managing JWT validation.\\\nAfter validating the JWT, the controller then uses scopes and claims from the API when serving data.\n\n## Run the API\n\nFirst ensure that a Java Development Kit of 17 or later is installed.\\\nThen edit the application.yml file to point to a valid issuer URI:\n\n```yaml\nspring:\n  security:\n    oauth2:\n      resourceserver:\n        jwt:\n          issuer-uri: https://idsvr.example.com/oauth/v2/oauth-anonymous\n```\n\n## Run the API\n\nBuild and run the API with the following command, and the API will listen on port 8080 by default:\n\n```bash\n./gradlew bootRun\n```\n\n## Call the API\n\nThe API requires a valid JWT access token, or it will return a 401 response:\n\n```bash\ncurl -i http://localhost:8080/services -H \"Authorization:  Bearer eyJraWQiOiIxNzQwNDU5OTIxIiwieDV0...\"\n```\n\nThe JWT access token must have a `services:read` scope or the API will return a 403 response.\\\nIf the access token includes a claim containing `role=developer`, then the API returns additional data. \n\n## Further Information\n\n- See the [Spring Boot API Tutorial](https://curity.io/resources/learn/spring-boot-api/) for a technical walkthrough\n- Please visit [curity.io](https://curity.io/) for more information about the Curity Identity Server.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcurityio%2Fspringboot-api-jwt-validation","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fcurityio%2Fspringboot-api-jwt-validation","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcurityio%2Fspringboot-api-jwt-validation/lists"}