Auth0 Home Blog Docs

Spring Security, 401 when following quick start guide

#1

I have followed the quick start guide on spring security to implement Auth0 according to this page: https://auth0.com/docs/quickstart/backend/java-spring-security

However, when I test it, all links under .antMatchers .authenticated and .hasAuthority is getting 401 error, even though I am requesting with a bearer header? Below is the curl request (I am using windows). I copied the token from the ‘test’ tab in the API.

    curl -H ${'authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsImtpZCI6Ik1ERkJPRGxETkRNeFJqRTVSa

k01UXpBME9UUkRSVFl6TmpoRVFUWkdSalJFTWpsRFJEZzJNZyJ9.eyJpc3MiOiJodHRwczovL2h1Z29rZXVuZy5ldS5hdXRoMC5jb20vIiwic3ViIjoiMERS
aHhUREFrd0RxaHhnc3l4bHVVc3RDWHI3ZGZYR3lAY2xpZW50cyIsImF1ZCI6Imh0dHA6Ly9sb2NhbGhvc3Q6ODA4MC9hcGkiLCJpYXQiOjE1NDg0NjU4MDAs
ImV4cCI6MTU0ODU1MjIwMCwiYXpwIjoiMERSaHhUREFrd0RxaHhnc3l4bHVVc3RDWHI3ZGZYR3kiLCJzY29wZSI6InJlYWQ6aGlzdG9yeSIsImd0eSI6ImNs
aWVudC1jcmVkZW50aWFscyJ9.a1CL-GnUfloOeW2-pgsW0-9DI3oItWy8D6x1OOR2I9qfBCImKFNBgoyaAZ1pMcaxWe9X5OOLrMJ9Hk1QtjnOpHC0blljMQi
IxFAXHqXtYFBtG2-2MakpNfqfZwWfEoU50Xv3CMwuctgqlFt53Fn4dc-83_ITkUPse2Dm0318dD0qyeltfNsqxwsb6egdNJXBEi6xZp4BO_N4qtuIJHNGG2M
GlAwoAd-M6OIebAfJA_sgBGw_M-YoCuMZGfDV8SADnF4rBMqAWBM9mhPi2z7hV_Edo6uzln3mCIdMDEJ0IbuNtW24jcJSxIhZU-dNSIu6R24877xQ6NSHh3U
mwut8xg’} http://localhost:8080/api/positions/all

I have already made sure that the auth0.apiAudience and auth0.issuer matched the one in the API.
I have tried accessing the .permitAll end point and it worked just fine.
Is there an important step that I missed?

#3

Hi there @Hugi, I wanted to reach out and see if I can snag a HAR file from you when you are receiving the 401 error along with your tenant name? This will allow us to take a deeper look at what’s going here when you are experiencing this issue. Thanks in advance!

#4

I wanted to touch base and see how things are coming on obtaining that HAR file. Please let us know if you have any questions.

closed #5

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.