0Pricing
Spring Security 6 & JWT Authentication · Lesson

Role-Based Authorization with Granted Authorities

After authenticating users from a database, learn to authorize them using roles and authorities, securing endpoints and methods in Spring Security.

Authentication vs Authorization

You can now load users from a database and verify passwords. That is authentication (who you are). The next question is authorization (what you may do), driven by roles and authorities.

Authorities and Roles

Spring represents permissions as GrantedAuthority objects. A role is just an authority with a ROLE_ prefix, e.g. ROLE_ADMIN.

All lessons in this course

  1. Custom UserDetailsService Implementation
  2. Understanding Password Encoders
  3. Database User Management Integration
  4. Role-Based Authorization with Granted Authorities
← Back to Spring Security 6 & JWT Authentication