Spring Security 6 & JWT Authentication · Lesson

Scopes and Claims Enforcement

Enforce specific scopes and claims within incoming JWTs to control access to different parts of your API.

Authorization with Scopes & Claims

Welcome! In this lesson, we'll learn how to control access to your API endpoints using scopes and claims in an OAuth2 Resource Server.

These are crucial components of a JSON Web Token (JWT) that tell your server who the user is and what they are allowed to do.

Understanding OAuth2 Scopes

Think of scopes as specific permissions or access rights that a client application requests on behalf of a user.

  • They are defined by the Resource Server.
  • Examples: read, write, profile, email.
  • When a user grants permission, these scopes are included in the issued JWT.

In short, scopes define what a client is permitted to do within the API.
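The following configuration is an added example, not code from the lesson, showing how a Spring Security 6 resource server enforces scopes per endpoint and rejects tokens that lack a required claim. The issuer URI, JWK Set URI, endpoint paths and the "tenant" claim are assumed placeholder values.

```java
// Added example: per-endpoint scope rules plus a claim-level validator.
// ISSUER, JWK_SET_URI, the /api paths and the "tenant" claim are assumptions.
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.http.HttpMethod;
import org.springframework.security.config.Customizer;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.oauth2.core.DelegatingOAuth2TokenValidator;
import org.springframework.security.oauth2.core.OAuth2TokenValidator;
import org.springframework.security.oauth2.jwt.Jwt;
import org.springframework.security.oauth2.jwt.JwtClaimValidator;
import org.springframework.security.oauth2.jwt.JwtDecoder;
import org.springframework.security.oauth2.jwt.JwtValidators;
import org.springframework.security.oauth2.jwt.NimbusJwtDecoder;
import org.springframework.security.web.SecurityFilterChain;

@Configuration
@EnableWebSecurity
public class ScopeEnforcementConfig {

    private static final String ISSUER = "https://issuer.example.com/";        // assumed
    private static final String JWK_SET_URI = ISSUER + ".well-known/jwks.json"; // assumed

    @Bean
    SecurityFilterChain api(HttpSecurity http) throws Exception {
        http
            // Spring's default JwtGrantedAuthoritiesConverter turns each value of the
            // "scope" (or "scp") claim into an authority prefixed with "SCOPE_".
            .authorizeHttpRequests(auth -> auth
                .requestMatchers(HttpMethod.GET, "/api/articles/**").hasAuthority("SCOPE_read")
                .requestMatchers(HttpMethod.POST, "/api/articles/**").hasAuthority("SCOPE_write")
                .requestMatchers("/api/me").hasAnyAuthority("SCOPE_profile", "SCOPE_email")
                .anyRequest().authenticated())
            .oauth2ResourceServer(oauth2 -> oauth2.jwt(Customizer.withDefaults()));
        return http.build();
    }

    @Bean
    JwtDecoder jwtDecoder() {
        NimbusJwtDecoder decoder = NimbusJwtDecoder.withJwkSetUri(JWK_SET_URI).build();
        // Default checks (exp/nbf timestamps and iss) plus a claim-level rule:
        // the token must carry a "tenant" claim equal to "acme". A missing claim
        // reaches the predicate as null and therefore fails the check.
        OAuth2TokenValidator<Jwt> issuer = JwtValidators.createDefaultWithIssuer(ISSUER);
        OAuth2TokenValidator<Jwt> tenant =
            new JwtClaimValidator<String>("tenant", value -> "acme".equals(value)); // assumed
        decoder.setJwtValidator(new DelegatingOAuth2TokenValidator<>(issuer, tenant));
        return decoder;
    }
}
```

A request with a valid signature but without `read` in its `scope` claim is answered with 403 on `GET /api/articles/**`, while a token failing the tenant validator is rejected at decode time with 401.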
