Auth0 Home Blog Docs

Api authentication

authentication-api
spring
spring-security
#1

I need to implement spring basic security for web and auth0 for api in single application but both are not working together
Any one Will help me for this

#3

Hello there @ajeetku, we are be happy to help. When you get a moment can you share some more details on what may be going on. You mentioned Spring which we have a quick start doc for here. We also have detailed documentation on utilizing Auth0’s Authentication API here. Thanks!

#4

Hello James I am able to use auth0 and spring basic security one by one but together

#5

My implemention is something like this but it’s not working

protected void configure(HttpSecurity http) throws Exception {
        JwtWebSecurityConfigurer
                .forRS256("YOUR_API_AUDIENCE", "YOUR_API_ISSUER")
                .configure(http);

http.authorizeRequests()
		.antMatchers("/admin/**").access("hasRole('ROLE_ADMIN')")
		.antMatchers("/dba/**").access("hasRole('ROLE_ADMIN') or hasRole('ROLE_DBA')")
		.and().formLogin();
    }
#6

I wanted to follow up @ajeetku and see what error exactly you are getting? Whether it be in the logs or the developer console. I want to understand better the hurdle you’re facing so we can work together to resolve it. Thanks in advance.

1 Like
#7

We are returning x-auth-tocken from spring basic security after authentication but when using auth0 along with basic security it’s not return tocken after authentication in header

#8

When you get a chance @ajeetku can you DM me your tenant name and a HAR file when reproducing the workflow that produces the error. Once you got it please DM it over to me and I’ll be happy to take a deeper look at what may be going on. Thanks in advance!

#9

Thank you for the HAR file, I will take a deeper look at this and see what I am able to find that may help us troubleshoot the issue.

#10

I wanted to follow up and let you know I reached out to you via a Direct Message in regards to this topic. Thanks.

#11

Thanks you is there any update on this

#12

Hi, did code flow change? https://auth0.com/docs/api/authentication?shell#authorization-code

IRCC secret was not necessary for code flow until a week ago.

Thanks!

#13

Thank you for your update

is this related with my problem

#14

Hey there @ajeetku, when you get a chance can you respond to my direct message I sent you that is requesting more information? Thanks in advance!

#15

I wanted to follow up @ajeetku and see if when you get a minute if you could send me an updated HAR file so we can continue to further investigate the issue at hand. Thank you in advance!

#16

Ok I will send you HRA tomorrow

#17

find attached har file localhost.har (392.8 KB)

#18

When digging into the attached HAR file I only see an 401 error of “GET http://localhost:8080/user/getUserDetail” but 200 success prior to that on the same route. Is there any additional details you can share on your setup to help us troubleshoot this challenge? Thanks in advance @ajeetku!

#19

I wanted to reach out again @ajeetku and see if you had any additional details that can help us better identify what may be occurring? Thanks.

closed #20