mirror of
https://github.com/spring-projects/spring-security.git
synced 2025-03-04 20:39:22 +00:00
16 lines
722 B
Plaintext
16 lines
722 B
Plaintext
[[webflux-oauth2-resource-server]]
|
|
= OAuth 2.0 Resource Server
|
|
|
|
Spring Security supports protecting endpoints using two forms of OAuth 2.0 https://tools.ietf.org/html/rfc6750.html[Bearer Tokens]:
|
|
|
|
* https://tools.ietf.org/html/rfc7519[JWT]
|
|
* Opaque Tokens
|
|
|
|
This is handy in circumstances where an application has delegated its authority management to an https://tools.ietf.org/html/rfc6749[authorization server] (for example, Okta or Ping Identity).
|
|
This authorization server can be consulted by resource servers to authorize requests.
|
|
|
|
[NOTE]
|
|
====
|
|
A complete working example for {gh-samples-url}/reactive/webflux/java/oauth2/resource-server[*JWTs*] is available in the {gh-samples-url}[Spring Security repository].
|
|
====
|