Hi, All.
I wanted to add “role” claim to access token but it’s not possible.
I can use custom namespace with the role claim.
So…how can I configure “hasRole” method in Spring Security if the token value is ‘http://example.com/roles’=['admin’]?
http.authorizeRequests()
.mvcMatchers("/public").permitAll()
.mvcMatchers("/private").authenticated()
.mvcMatchers("/private-scoped").hasAuthority("SCOPE_read:messages")
.mvcMatchers("/private-role").hasRole("admin") //how can?
.and()
.oauth2ResourceServer().jwt();
Thanks!