Skip to content
Integration of Auth0 JWT and Spring Boot
Branch: master
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Type Name Latest commit message Commit time
Failed to load latest commit information.

Auth0 JWT Spring Boot

Build Status Codacy Badge Codacy Badge

Integrates Auth0 JWT with Spring Boot.


For Spring-Boot 1.X use:



For Spring-Boot 2.X use:



Going forward updates will only be made for 2.X compatibility.


Add @EnableAuth0JwtSpringBoot to the Application-class (the class containing the @SpringBootApplication).
This will enable the auth0 JWT integration and also include the jasypt-spring-boot.

To test locally enable jwt-test-mode and configure jwt-secret. This will return a mock JWT that is encrypted with the configured secret.


This class helps you with extracting information from the JWT. It can be used in your Spring component by autowiring it in.

Get property
To get a property in the JWT, for example nickname:

String nickname = auth0Jwt.getProperty("nickname");

Get name
To get a formatted name from the Auth0 nickname:

String name = auth0Jwt.getName();

Get object
Get object from app_metadata in the JWT. Send an object that matches your Auth0 app_metadata content and have it serialized to this.

Permission permission = auth0Jwt.get(Permission.class);


Key Description Default value
basic-auth.username Basic authentication header username
basic-auth.password Basic authentication header password
jwt-secret Secret used to verify JWT (from auth0)
jwt-encoded-secret If the secret configured with 'jwt-secret' is base64 url-safe encoded true
jwt-key The key used to store the jwt in the header. If the token is not found using 'jwt-key', it will try to use the standard Authorization-header jwt
jwt-test-mode Enable test mode to return mock JWT false
jwt-test-token If jwt-test-mode is enabled, return the configured token. If no token is configured, the default test-token is returned
jwt-test-token-file If jwt-test-mode is enabled, use the content in the file test-jwt.json in classpath (or other filename if configured). If the default filename is present, it will be used. If jwt-test-token is also configured this will be prioritized. test-jwt.json

Default test-token

Example test-jwt.json

To encode/decode jwt

"user_id": "auth0|1231232131231231",
"name": "",
"nickname": "john.doe",
"email": "",
"app_metadata": {
"roles": [
You can’t perform that action at this time.