JWT vs Opaque Access Tokens: Use Both With Spring Boot

The topic of validating an OAuth 2.0 access tokens comes up frequently on the Okta developer blog. Often we talk about how to validate JSON Web Token (JWT) based access tokens; however, this is NOT part of the OAuth 2.0 specification. …


This content originally appeared on Scotch.io RSS Feed and was authored by Brian Demers

The topic of validating an OAuth 2.0 access tokens comes up frequently on the Okta developer blog. Often we talk about how to validate JSON Web Token (JWT) based access tokens; however, this is NOT part of the OAuth 2.0 specification. JWTs are so commonly used that Spring Security supported them before adding support for remotely validating tokens (which is part of the OAuth 2.0 specification.)

In this post, you will build a simple application that takes advantage of both types of validation.

Prerequisites

Should I Validate Access Tokens Locally or Remote?

Whether you should validate access tokens locally (e.g., a JWT) or remotely (per spec) is a question of how much security you need. Often, people jump to, "I need all of the securities!" This statement simply isn't true—how much sec


This content originally appeared on Scotch.io RSS Feed and was authored by Brian Demers


Print Share Comment Cite Upload Translate Updates
APA

Brian Demers | Sciencx (2020-06-30T00:09:23+00:00) JWT vs Opaque Access Tokens: Use Both With Spring Boot. Retrieved from https://www.scien.cx/2020/06/30/jwt-vs-opaque-access-tokens-use-both-with-spring-boot/

MLA
" » JWT vs Opaque Access Tokens: Use Both With Spring Boot." Brian Demers | Sciencx - Tuesday June 30, 2020, https://www.scien.cx/2020/06/30/jwt-vs-opaque-access-tokens-use-both-with-spring-boot/
HARVARD
Brian Demers | Sciencx Tuesday June 30, 2020 » JWT vs Opaque Access Tokens: Use Both With Spring Boot., viewed ,<https://www.scien.cx/2020/06/30/jwt-vs-opaque-access-tokens-use-both-with-spring-boot/>
VANCOUVER
Brian Demers | Sciencx - » JWT vs Opaque Access Tokens: Use Both With Spring Boot. [Internet]. [Accessed ]. Available from: https://www.scien.cx/2020/06/30/jwt-vs-opaque-access-tokens-use-both-with-spring-boot/
CHICAGO
" » JWT vs Opaque Access Tokens: Use Both With Spring Boot." Brian Demers | Sciencx - Accessed . https://www.scien.cx/2020/06/30/jwt-vs-opaque-access-tokens-use-both-with-spring-boot/
IEEE
" » JWT vs Opaque Access Tokens: Use Both With Spring Boot." Brian Demers | Sciencx [Online]. Available: https://www.scien.cx/2020/06/30/jwt-vs-opaque-access-tokens-use-both-with-spring-boot/. [Accessed: ]
rf:citation
» JWT vs Opaque Access Tokens: Use Both With Spring Boot | Brian Demers | Sciencx | https://www.scien.cx/2020/06/30/jwt-vs-opaque-access-tokens-use-both-with-spring-boot/ |

Please log in to upload a file.




There are no updates yet.
Click the Upload button above to add an update.

You must be logged in to translate posts. Please log in or register.