Questions tagged [oauth-2.1]

OAuth 2.1 is an in-progress effort to consolidate and simplify the most commonly used features of OAuth 2.0. Use this tag for questions relating to the draft versions of OAuth 2.1.

Useful Links:

8 questions

vote

1 answer

What are the differences between OAuth 2.0 and 2.1?

I was just looking at Spring Authorization Server and noticed that it mentions OAuth 2.1. What are the differences between OAuth 2.0 and 2.1?

oauth-2.0 oauth-2.1

asked Mar 12 '22 at 13:12

Matt Ke

3,599
12
30
49

votes

1 answer

How can I authenticate a user without using the password grant_type in an OAuth flow?

As I read OAuth 2.0 recommends against using the password grant type and it is being removed in the OAuth 2.1 update. But what is the proper solution then when you have a machine-to-machine communication channel? In my case I have a couple of…

powershell oauth-2.0 clientcredential oauth-2.1

asked Aug 22 '23 at 10:35

Jules

7,148
6
26
50

votes

0 answers

spring cloud gateway as oauth2 client and react app behind it getting 404 NOT FOUND

i have an React App and Spring cloud gateway as oauth2 client and Spring authorization server as OAuth2 server , so wanna put my react app behind the gateway (BFF) this is my gateway routes : spring: cloud: gateway: default-filters: …

spring spring-security spring-cloud-gateway oauth-2.1

asked Jul 27 '23 at 09:56

Moolerian

votes

2 answers

Spring Auth Server doesn't authorize HTTP requests to secured endpoints by the passed Bearer token

The key point I am developing an application in Spring Boot 3.1.0 using the Spring Authorization Server to implement an OAuth 2.1 server for Auth Code Flow with PKCE. The OAuth works perfectly, but as soon as I continued to work on the service API…

spring-boot spring-security spring-authorization-server oauth-2.1

asked Jun 14 '23 at 18:28

SoKnight

votes

2 answers

How to get scope and roles in Oauth2/2.1 spring boot resource server?

How to get scope and roles in Oauth2/2.1 spring boot resource server? Authentication authentication = getAuthentication(); System.out.println(authentication.getAuthorities()); Authorities returns only scope. Here is my token introspect { …

java spring-boot jwt oauth2resourceserver oauth-2.1

asked Mar 17 '23 at 02:55

Thirumal

8,280
11
53
103

votes

1 answer

How to revoke oauth2.1 token in spring boot new authorization server?

How to revoke the oAuth2 token in the spring boot new authorization server? Also, where can we find all the endpoints of the authorization server? https://github.com/spring-projects/spring-authorization-server

java spring-boot spring-authorization-server oauth-2.1

asked Feb 27 '23 at 12:41

Thirumal

8,280
11
53
103

votes

1 answer

Authenticate a first-party app using Spring Authorization Server

I am building a first party mobile application that authenticates via a Spring Boot backend server (acting as the authentication and the resource server). I planned to use Spring Authorization Server to handle logging into the mobile application via…

spring-security spring-authorization-server oauth-2.1

asked Feb 25 '23 at 20:08

bcode

votes

1 answer

How to implement custom 'OAuth2TokenIntrospectionEndpointFilter' in Spring Aauthorization server 1.0.0?

I have a default Spring authorization Server implementation. i want to modify it as per my project requirements. I want to implement customized introspection endpoint in new spring authorization server. I will be having different kinds of tokens,…

spring-security oauth-2.0 spring-authorization-server authorization-server oauth-2.1

asked Dec 12 '22 at 05:46

Vinayak Pattar