Java Spring: Accepting JWT

Accepting JWT Tokens from IndustryApps

Configuring your Third-Party Application to accept JWT tokens acquired from IndustryApps

JWT tokens would either be acquired from your Third-Party App’s existing Authentication system or from IndustryApp’s Keycloak authentication configuration.

Keycloak is an open source software product to allow single sign-on with Identity and Access Management aimed at modern applications and services.

Handling multiple JWT issuers with Spring Security 5

The following example illustrates how to provision multiple JWT issuers with the resource server in Spring Security 5 with WebSecurityConfigurerAdapter.

Additional information about WebSecurityConfigurerAdapter in Spring 5 can be found here.

    protected void configure(HttpSecurity http) throws Exception {
      JwtIssuerAuthenticationManagerResolver authenticationManagerResolver = new JwtIssuerAuthenticationManagerResolver( 
                .oauth2ResourceServer(oauth2 -> oauth2.authenticationManagerResolver(authenticationManagerResolver)) 


Inside the controller implement the following:

@GetMapping(value = "/user/profile", produces = MediaType.APPLICATION_JSON_VALUE) 
    public User getUserProfile(@AuthenticationPrincipal Jwt principal, HttpServletRequest request) { 
        return new User("1", principal.getClaimAsString("preferred_username")); 

This controller configuration will allow requests routed either via an IndustryApps JWT token or with your Third-Party Applications' JWT token.

Existing User Role Mapping with the IndustryApp JWT Token

For checking user roles we have to map your Third-Party App’s roles into Springs' UserDetailsService function using the JwtTokenFilter function feature to allow recognition of the roles.

Last updated