Clone or download
Pull request Compare This branch is 4 commits ahead of raphaeldovale:master.
Latest commit 51b46f7 Dec 19, 2018
Type Name Latest commit message Commit time
Failed to load latest commit information.
.mvn/wrapper Bootstrap Nov 16, 2018
src Fix placeholders to follow conventions Dec 19, 2018
.gitignore Bootstrap Nov 16, 2018
LICENSE Add LICENSE Dec 13, 2018 Change application type Dec 19, 2018
mvnw Bootstrap Nov 16, 2018
mvnw.cmd Bootstrap Nov 16, 2018
pom.xml Add README Dec 19, 2018

Secure Spring REST API

This example is a resource server using Spring Boot and Spring Security. It also implements group-based authorization using Okta and OAuth 2.0.

Please read Create a Secure Spring REST API to see how this app was created.

Prerequisites: Java 8.

Okta has Authentication and User Management APIs that reduce development time with instant-on, scalable user infrastructure. Okta's intuitive API and expert support make it easy for developers to authenticate, manage, and secure users and roles in any application.

Getting Started

To install this example application, run the following commands:

git clone
cd okta-secure-spring-rest-api-example

This will get a copy of the project installed locally. To install all of its dependencies and start the app, run:

./mvnw spring-boot:run

This will likely fail. You need to configure this application to work with Okta first.

Create an Application in Okta

You will need to create an OpenID Connect Application in Okta to get your values to perform authentication.

Log in to your Okta Developer account (or sign up if you don’t have an account) and navigate to Applications > Add Application. Click Service, click Next, and give the app a name you’ll remember. Click Done and copy the clientId into src/main/resources/

    issuer: https://{yourOktaDomain}/oauth2/default  
    clientId: {yourClientId}  
    clientSecret: {yourClientSecret}    

NOTE: The value of {yourOktaDomain} should be something like dev-123456.oktapreview. Make sure you don't include -admin in the value!

After modifying this file, restart your app and you should be able to start the app and use token authentication with Okta. See Create a Secure Spring REST API for more information.


This example uses Okta's Spring Boot Starter.


Please post any questions as comments on the blog post, or visit our Okta Developer Forums.


Apache 2.0, see LICENSE.