• Community
    • Forum
    • Blog
    • Toolkit
  • Pricing
  • Okta.com
  • Admin Console
  • Guides
  • Concepts
  • Reference
  • Languages & SDKs
Sign Up
    • Home
    • Guides
      • Guides overview
      • Basics
        • Quickstart: Signing in your first user
          • Create your Okta organization
          • Using the Console
          • Add a user using Console
          • Register your app
          • Try signing in
          • Try our APIs and SDKs
        • Create an API token
          • Overview
          • Create the token
          • Token expiration and deactivation
          • Next steps
        • Enable CORS
          • Overview
          • Grant cross-origin access to websites
          • Test your configuration
          • Next steps
        • Find your Okta domain
          • Overview
          • Find your Okta domain
        • Find your application credentials
          • Overview
          • Find your Application's credentials
        • Share Application Key Credentials for IdPs across Apps
          • Overview
          • Generate a new credential for the source app
          • Update the source app to use the new certificate
          • Share the source app's key credential ID with the target app
          • Update the target app to use the new credential
          • Next steps
        • Set up SAML Tracer
          • Overview
        • Upgrade SAML Apps to SHA256
          • Overview
          • Get the app info
          • Generate a new application key credential
          • Update the key credential for the app to specify the new signing key id
          • Upload the new certificate to the ISV
          • Reverting to a SHA1 Certificate
        • Sign the Okta certificate with your own CA
          • Overview
          • List your apps
          • Generate a CSR
          • Sign the CSR
          • Publish a CSR with a certificate
          • Update the key credential
          • Clone the certificate
          • Upload the new certificate to the ISV
        • Set up self-service registration
          • Before you begin
          • Enable and configure a self-service registration policy
          • Disable the security image and additional self-service recovery options
          • Customize the sign-up link in the Widget
          • Next steps
      • Sign Users In
        • Add an external Identity Provider
          • Before you begin
          • Create an App at the Identity Provider
          • Create an Identity Provider in Okta
          • Register an App in Okta
          • Create the Authorization URL
          • Use the Identity Provider to sign in
          • Next steps
        • Add multifactor authentication
          • Prerequisites
          • Set up your Okta org for MFA
          • Test the Postman setup
          • Create a test User
          • Enroll a factor
          • Activate the factor
          • Verify the factor
          • Next steps
        • Mobile App
          • Unlock a mobile app with biometrics
            • Overview
            • Add and configure packages
            • Store tokens
            • Discard access tokens
            • Retrieve refresh token
            • Next steps
          • Build a custom sign-in UI in your mobile app
            • Before you begin
            • Create an Okta application
            • Add and configure packages
            • Build the primary authentication form
            • Handle authentication responses
            • Next steps
          • Sign users in to your mobile app
            • Before you begin
            • Define a callback route
            • Create an Okta application
            • Add and configure packages
            • Open the sign-in page
            • Get info about the user
            • Check for a session at startup
            • Keep the user signed in
            • Use the access token
            • Next steps
          • Share a sign-in session with native mobile apps
            • Overview
            • Session and persistent Single Sign-On
            • Configure Two OpenID Connect Native Apps
            • Set up the first mobile app
            • Create a second mobile app
            • Optional Settings
            • Next steps
        • Sign users in to your single-page application
          • Before you begin
          • Define a callback route
          • Create an Okta application
          • Install the SDK
          • Configure the SDK
          • Add a button to sign in
          • Handle the callback from Okta
          • Require authentication
          • Get info about the user
          • Use the access token
          • Next steps
        • Sign users in to your web application
          • Before you begin
          • Understand the callback route
          • Create an Okta application
          • Add and configure packages
          • Redirect to the sign-in page
          • Require authentication
          • Get info about the user
          • Next steps
        • Sign users out
          • Before you begin
          • Define the sign-out callback
          • Sign users out of Okta
          • Sign users out of your app
          • Next steps
        • Configure Okta sign-on and App sign-on policies
          • Before you begin
          • Prompt for an MFA factor for a certain group
          • Prompt for an MFA factor when a user is outside the US
          • Next steps
      • Authorization
        • Implement the Authorization Code Flow
          • Overview
          • Set up your Application
          • Use the Authorization Code flow
          • Exchange the code for tokens
          • Next steps
        • Implement the Authorization Code Flow with PKCE
          • Overview
          • Set up your Application
          • Use the Authorization Code flow with PKCE
          • Exchange the code for tokens
          • Next steps
        • Create an Authorization Server
          • Overview
          • Create an authorization server
          • Create access policies
          • Create Rules for Each Access Policy
          • Create Scopes
          • Create Claims
          • Test the authorization server
        • Implement the Client Credentials Flow
          • Overview
          • Set up your Application
          • Create custom scopes
          • Use the Client Credentials flow
          • Next steps
        • Implement the Implicit Flow
          • Overview
          • Set up your Application
          • Use the Implicit flow
          • Next steps
        • Request user consent
          • Request user consent during authentication
          • Enable consent for scopes
          • Build the request
          • Verification
          • Revoke consent for a user
          • Troubleshooting
        • Implement the Resource Owner Password Flow
          • Overview
          • Set up your Application
          • Use the Resource Owner Password flow
          • Next steps
        • Tokens
          • Build a JWT for Client Authentication
            • Overview
            • Gather Claims Information
            • Build a JWT With a Shared Key
            • Build a JWT With a Private Key
            • Next Steps
          • Customize tokens returned from Okta with custom claims
            • Overview
            • Request a token that contains a custom claim
            • Add a custom claim to a token
            • Include app-specific information in a custom claim
            • Next steps
          • Customize tokens returned from Okta with a Groups claim
            • Overview
            • Request a token that contains a custom claim
            • Add a Groups claim for the Org Authorization Server
            • Next steps
          • Customize tokens returned from Okta with a dynamic allow list
            • Overview
            • Request a token that contains a custom claim
            • Add a Groups claim with a dynamic allow list
            • Use a dynamic group allow list with the Org Authorization Server
            • Use a dynamic group allow list with a Custom Authorization Server
            • Next steps
          • Customize tokens returned from Okta with a static allow list
            • Overview
            • Request a token that contains a custom claim
            • Add a Groups claim with a static allow list
            • Use a static group allow list with the Org Authorization Server
            • Use a static group allow list with a Custom Authorization Server
            • Next steps
          • Refresh access tokens
            • Overview
            • Refresh token rotation
            • Get a refresh token
            • Use a refresh token
            • Next steps
          • Revoke Tokens
            • Overview
            • Revoke an access token or a refresh token
            • Remove a User session
          • Work with Okta session cookies
            • Overview
          • Validate Access Tokens
            • Overview
          • Validate ID Tokens
            • Overview
      • Brand and Customize
        • Customize the Okta-hosted error pages
          • Overview
          • Edit the error page
          • Use macros
          • Customization examples
          • Next steps
        • Customize the Okta URL domain
          • Before you begin
          • Gather information
          • Enable the custom domain
          • Update other Okta settings
          • Create a custom domain with Cloudflare
          • Next steps
        • Style the Widget
          • Before you begin
          • Style the self-hosted Sign-In Widget
          • Style the Okta-hosted Sign-In Widget
          • Customization examples
          • Next steps
        • Customize SMS messages
          • Before you begin
          • Customize the Okta Default SMS message
          • Add a translation
          • Next Steps
        • Customize email notifications and email domains
          • Before you begin
          • Customize email templates
          • Configure a custom email domain
          • Next steps
      • OIN Partner Integrations
        • Build a SCIM provisioning integration
          • Overview
          • Prepare your SCIM service
          • Test your SCIM API
          • Connect your SCIM service with a new Okta integration
          • Configure your Okta integration
          • Check the attributes and corresponding mappings
          • Test your Okta integration
          • Run through OIN QA tests
          • Next Steps
        • OIDC and the OIN: A Developer Primer
          • Overview
          • Background
          • Protocol-level requirements
          • Multi-tenancy
          • OIN integration best practices
          • Next steps
        • Build a Single Sign-On (SSO) integration
          • Overview
          • Prepare your integration
          • Create your integration
          • Specify your integration settings
          • Test your integration
          • Next Steps
        • Submit an app integration
          • Overview
          • Prepare a customer-facing configuration guide
          • Configure general settings
          • Configure protocol-specific settings
          • Understand the submission process
          • Update your published integration
      • API Security
        • Implement OAuth for Okta
          • Overview
          • Create an OAuth 2.0 app in Okta
          • Define allowed scopes
          • Get an access token and make a request
          • Scopes and supported endpoints
        • Implement OAuth for Okta with a Service App
          • Overview
          • Create a public/private key pair
          • Create a service app and grant scopes
          • Create and sign the JWT
          • Get an access token
        • Protect your API endpoints
          • Before you begin
          • Add and configure packages
          • Require authentication
          • Configure CORS
          • Next steps
        • Configure an access policy
          • Overview
          • Limit which scopes some clients can access
          • Configure a custom access token lifetime per client
          • Next steps
      • Deploy to Production
        • Deployment checklist
          • Pre-launch checklist
        • Deploy your app
          • Overview
          • Java
          • JavaScript
          • Mobile
        • Migrate to Okta
          • Prerequisites
          • Bulk Migration with Credentials
          • Import Users with Inline Password Hooks
      • Hooks
        • Common Hook Set-up Steps
          • Overview
          • Setting up an external service
          • Adding Basic Authorization and Body Parsing
          • Troubleshooting hook implementations
        • Event Hook
          • Overview
          • Initial verification
          • Parse the Event Hook request
          • Examine the Event Object
          • Enable and verify Event Hook
          • Test the Event Hook
        • Password Import Inline Hook
          • Overview
          • Get submitted credentials
          • Check credentials against user store
          • Send response
          • Activate
          • Import Users
          • Test your hook
        • Registration Inline Hook
          • Overview
          • Add request code
          • Send response
          • Activate and enable
          • Preview, test, and troubleshoot
    • Concepts
      • Concepts overview
      • API Access Management
      • Authentication
      • Authorization Servers
      • Event Hooks
      • Events API Migration
      • External Identity Providers
      • Feature Lifecycle Management
      • How Okta works
      • Inline Hooks
      • Key Rotation
      • OAuth 2.0 and Open ID Connect Overview
      • Okta Data Model
      • Okta Organizations
      • Okta-Hosted Flows
      • Hosted Vs. Embedded
      • Policies
      • Social Login Overview
      • Understanding SAML
        • SAML Overview
        • SAML FAQ
      • Understanding SCIM
        • SCIM Overview
        • SCIM FAQ
    • Reference
      • API Overview
      • Sign in Your Users
        • OpenID Connect & OAuth 2.0 API
        • Authentication
      • Manage Okta Resources
        • Administrator Roles
        • Apps
        • Authorization Servers
        • Dynamic Client Registration
        • Event Hooks
        • Event Types
        • Factors
        • Features
        • Groups
        • Identity Providers
        • Inline Hooks
        • Linked Objects
        • Mappings
        • MyAccount
        • Policy
        • Schemas
        • Sessions
        • System Log
        • Templates
        • ThreatInsight
        • Trusted Origins
        • User Types
        • Users
        • Zones
      • Rate Limits
        • Rate limits overview
        • Authentication/End-user rate limits
        • Management rate limits
        • Other endpoint rate limits
        • Additional limits
        • Rate limit best practices
        • Client-based rate limits
        • DynamicScale
        • Previous rate limits
        • System Log events for rate limits
      • Error Codes
      • Import Hook
      • Okta Expression Language
      • Password Hook
      • Postman Collections
      • Registration Hook
      • Release Life Cycle
      • SAML Hook
      • SCIM Protocol
      • Social IdP Settings
      • Token Hook
      • WebFinger
      • Advanced Server Access
        • Introduction to the Advanced Server Access API
        • ASA Attributes API
        • ASA Audits API
        • ASA Clients API
        • ASA Entitlements API
        • ASA Groups API
        • ASA Projects API
        • ASA Service Users API
        • ASA Teams API
        • ASA Users API
    • Languages & SDKs
      • Languages & SDKs overview
      • Mobile
        • Android
        • iOS
        • React Native
      • Front End
        • Angular
          • Add User Authentication to Your Angular App
          • Okta Sign-In Widget and Angular
          • Okta Auth JS and Angular
        • JavaScript
          • Add User Authentication to Your JavaScript App
          • Okta Sign-In Widget Guide
          • Okta Auth SDK Guide
        • React
          • Add User Authentication to Your React App
          • Okta Sign-In Widget and React
          • Okta Auth JS and React
        • Vue
          • Add User Authentication to Your Vue App
          • Okta Sign-In Widget and Vue
          • Okta Auth JS and Vue
      • Back End
        • .Net
        • Go
        • Java
        • Node.js
        • PHP
        • Python
        • REST

Add User Management to Your Spring App

On This Page

Get Started with Spring + Okta
Loading...
    • Java
    • Spring

    Get Started with Spring + Okta

    New to Okta? Our how to guide will walk you through adding user authentication to your Spring app in minutes.

    • How To Guide

    Okta Spring Boot Starter

    The Okta Spring Boot Starter can be used to add OAuth 2.0 authorization to Spring Boot applications.

    Spring Integration Source

    Spring Libraries

    • Okta Spring Boot Starter

    Spring Samples

    • Spring Security OAuth Sample Applications for Okta

    Recommended Guides

    • Okta Authentication How To Guide
    • Social Login
    • Validate access tokens
    • Validate ID tokens
    • Spring Security SAML

    Related Blog Posts

    • Build a Basic CRUD App with Angular 5.0 and Spring Boot 2.0
    • Use React and Spring Boot to Build a Simple CRUD App
    • Secure a Spring Microservices Architecture with Spring Security and OAuth 2.0
    • 10 Excellent Ways to Secure Your Spring Boot Application
    • Build a Basic CRUD App with Angular 7.0 and Spring Boot 2.1
    • Tutorial: Develop a Mobile App With Ionic and Spring Boot
    • Build Your First Progressive Web Application with Angular and Spring Boot
    • Secure your SPA with Spring Boot and OAuth
    • Add Social Login to Your Spring Boot 2.0 App
    • Secure Your Spring Boot Application with Multi-Factor Authentication
    Edit This Page On GitHub
    On This Page
    • Get Started with Spring + Okta
    • Okta Spring Boot Starter
    • Spring Libraries
    • Spring Samples
    • Recommended Guides
    • Related Blog Posts

    Need support? Contact developers@okta.com or ask on the forum.

    Social

    • GitHub
    • Twitter
    • YouTube
    • Forum
    • Blog RSS

    Contact & Legal

    • Contact our team
    • Contact sales
    • Terms & conditions
    • Privacy policy

    More Info

    • Pricing
    • Integrate with Okta
    • Change log
    • 3rd-party notes
    OKTA.COM Products, case studies, resources
    HELP CENTER Knowledgebase, roadmaps, and more
    TRUST System status, security, compliance
    Copyright © 2021 Okta.