Include the dependency

For Apache Maven:

<dependency>
    <groupId>com.okta.spring</groupId>
    <artifactId>okta-spring-security-starter</artifactId>
    <version>0.1.0</version>
</dependency>

For Gradle:

compile 'com.okta.spring:okta-spring-security-starter:0.1.0'

Configure your properties

You can configure your applications properties with environment variables, system properties, or configuration files. Take a look at the Spring Boot documentation for more details.

Property Default Details
okta.oauth.issuer N/A Authorization Server issuer URL, i.e.: https://{yourOktaDomain}.com/oauth2/default
okta.oauth.clientId N/A The Client Id of your Okta OIDC application
okta.oauth.audience api://default The audience of your Authorization Server
okta.oauth.scopeClaim scp The scope claim key in the Access Token’s JWT
okta.oauth.rolesClaim groups The claim key in the Access Token’s JWT that corresponds to an array of the users groups.

Create a Controller

The above client makes a request to /api/messages, we simply need to create a Controller to handle the response:

@RestController
class MessagesRestController {

    @GetMapping("/api/messages")
    public List<String> getMessages(Principal principal) {
        // handle request
    }
}

That’s it!

Okta’s Spring Security integration will parse the JWT access token from the HTTP request’s Authorization: Bearer header value.

Check out a Spring Boot example or this blog post.