Spring Security 6 & JWT Authentication · Lesson

Accessing the Authenticated OAuth2 User

Learn how to read the logged-in user's profile and attributes from an OAuth2 login in Spring Security using OAuth2User and OidcUser.

After Login, Then What?

Once a user signs in through an OAuth2 provider, your app needs their profile: name, email, and provider id. Spring Security exposes this through a principal object you can inject anywhere.

The OAuth2User Principal

For plain OAuth2 logins, the authenticated principal is an OAuth2User. It holds the provider's attributes as a map plus the granted authorities.

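// Simplified view of org.springframework.security.oauth2.core.user.OAuth2User.
public interface OAuth2User {
    // Raw profile data returned by the provider; keys differ between providers.
    Map<String, Object> getAttributes();
    // Authorities granted to the user at login.
    Collection<? extends GrantedAuthority> getAuthorities();
    // Value of the provider's configured user-name attribute for this user.
    String getName();
}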
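The following controller is an added example, not code from the original lesson. It reads the principal for both plain OAuth2 and OIDC logins, keys the local account on provider plus provider user id rather than on email, and treats provider attributes as untrusted input. The class name `ProfileController`, the `/me` path, the `accountKey` field and the `name`/`email` attribute keys are assumptions, as is an endpoint that is only reachable after OAuth2 login.

```java
import java.util.LinkedHashMap;
import java.util.Map;

import org.springframework.security.oauth2.client.authentication.OAuth2AuthenticationToken;
import org.springframework.security.oauth2.core.oidc.user.OidcUser;
import org.springframework.security.oauth2.core.user.OAuth2User;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RestController;

// Hypothetical controller and path; assumes /me requires an OAuth2 login.
@RestController
public class ProfileController {

    // Spring MVC resolves the token argument from the current request's
    // authenticated principal.
    @GetMapping("/me")
    public Map<String, Object> me(OAuth2AuthenticationToken auth) {
        OAuth2User user = auth.getPrincipal();
        Map<String, Object> profile = new LinkedHashMap<>();

        // Identity key = registration id + provider user id. Two providers
        // can return the same email, so email alone must not select the
        // local account.
        String provider = auth.getAuthorizedClientRegistrationId();
        profile.put("accountKey", provider + ":" + user.getName());

        if (user instanceof OidcUser oidc) {
            // OIDC login: standard claims are available through typed getters.
            profile.put("name", oidc.getFullName());
            // Expose the email only when the provider asserts it is verified.
            if (Boolean.TRUE.equals(oidc.getEmailVerified())) {
                profile.put("email", oidc.getEmail());
            }
        } else {
            // Plain OAuth2 login: keys are provider-specific ("name" and
            // "email" are assumed here) and values may be missing or non-string.
            if (user.getAttributes().get("name") instanceof String name) {
                profile.put("name", name);
            }
            if (user.getAttributes().get("email") instanceof String email) {
                profile.put("unverifiedEmail", email);
            }
        }
        return profile;
    }
}
```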
