I have followed the quick start guide on spring security to implement Auth0 according to this page: Auth0 Spring Boot API SDK Quickstarts: Authorization
However, when I test it, all links under .antMatchers .authenticated and .hasAuthority is getting 401 error, even though I am requesting with a bearer header? Below is the curl request (I am using windows). I copied the token from the ‘test’ tab in the API.
curl -H ${'authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsImtpZCI6Ik1ERkJPRGxETkRNeFJqRTVSa
k01UXpBME9UUkRSVFl6TmpoRVFUWkdSalJFTWpsRFJEZzJNZyJ9.eyJpc3MiOiJodHRwczovL2h1Z29rZXVuZy5ldS5hdXRoMC5jb20vIiwic3ViIjoiMERS
aHhUREFrd0RxaHhnc3l4bHVVc3RDWHI3ZGZYR3lAY2xpZW50cyIsImF1ZCI6Imh0dHA6Ly9sb2NhbGhvc3Q6ODA4MC9hcGkiLCJpYXQiOjE1NDg0NjU4MDAs
ImV4cCI6MTU0ODU1MjIwMCwiYXpwIjoiMERSaHhUREFrd0RxaHhnc3l4bHVVc3RDWHI3ZGZYR3kiLCJzY29wZSI6InJlYWQ6aGlzdG9yeSIsImd0eSI6ImNs
aWVudC1jcmVkZW50aWFscyJ9.a1CL-GnUfloOeW2-pgsW0-9DI3oItWy8D6x1OOR2I9qfBCImKFNBgoyaAZ1pMcaxWe9X5OOLrMJ9Hk1QtjnOpHC0blljMQi
IxFAXHqXtYFBtG2-2MakpNfqfZwWfEoU50Xv3CMwuctgqlFt53Fn4dc-83_ITkUPse2Dm0318dD0qyeltfNsqxwsb6egdNJXBEi6xZp4BO_N4qtuIJHNGG2M
GlAwoAd-M6OIebAfJA_sgBGw_M-YoCuMZGfDV8SADnF4rBMqAWBM9mhPi2z7hV_Edo6uzln3mCIdMDEJ0IbuNtW24jcJSxIhZU-dNSIu6R24877xQ6NSHh3U
mwut8xg’} http://localhost:8080/api/positions/all
I have already made sure that the auth0.apiAudience and auth0.issuer matched the one in the API.
I have tried accessing the .permitAll end point and it worked just fine.
Is there an important step that I missed?