Secure your REST APIs with Spring Security & Symmetric Key Encryption

Показать описание

In this video, we will be discussing the process of securing your REST APIs using Spring Security JWT and Symmetric Encryption. JWT (JSON Web Token) is a standard for creating secure access tokens that can be used to authenticate and authorize users, while symmetric encryption is a method of encrypting data using a secret key. We will be showing how to use these technologies in combination with Spring Security to create a secure and efficient authentication and authorization system for your REST APIs. This video is ideal for developers who are looking to secure their REST APIs and want to learn more about JWT and symmetric encryption.

🔗Resources & Links mentioned in this video:

👋🏻Connect with me:

Рекомендации по теме

Комментарии

Absolutely in love with this Spring Security series. It would be awesome to expand these lessons with the utilization of refresh tokens.

pedjango

Great timing! Just got instructions from my mentor to learn about JWT tomorrow, and implement it in my project! Thank you!

pejko

Hi Dan, thank you for your useful video. In the "SecurityConfig" class, the `jwt()` method in has been deprecated since version 6.1. To resolve this, I used the `.oauth2ResourceServer(oauth2 -> configuration and it worked for me.

famoniri

Great video, this is what we needed.
It would be great if you can build on top of this one so is used along with PostgresDB!

AleksandarT

Great tutorial. Could you expand on this topic and demonstrate how to implement logout functionality and refresh tokens?

jackla

A followup video about refresh token would be awesome.

minilord

Hey Dan, what is securityMatcher? How is that different from requestMatcher?

AwkwardFX

Thanks for video! But how to refresh key?

sergiopuccini

Nicely done, Dan! Can you do a tutorial about oauth2Client + JWT?

mlensment

What is the advantage of the JWT over just using basic auth here if both endpoints are in the same application?

derBobby

Could you please make a video on common exception library for Spring Webflux projects

anuragreddy

Hi Dan, great video as always.
I have one question though.
At 17:00, when creating a @Bean for JwtDecoder, in SecretKeySpec constructor, you are setting "RSA" as alghoritm.
Correct me if I'm wrong, but isn't that an asymmetric key encription?
Shouldn't we pass something like HmacSHA512?
Thanks in advance

markostrisko

How would you write a refresh token method for that application?

wagnerfaria

In the given implementation we are using basic login where credential is supplied using authorize header but if we want to do so by using a rest end point how can I do that, anyone please guide.

ayushjaiswal

And how to use the symmetric key If i have auth server and resource server in one app :) ?

blacky

Nicely done, may I know your IDE theme?

void_star_void

Hi Dan! (sorry for my bad English). I have watched carefully some of your videos about security, there is one small problem: when restarting the application all the tokens previously issued become invalid. I will be very glad and grateful if you tell me how to solve this problem or make a video like "jwt for production"! I am immensely grateful for your channel, thank you!

ilyatemnikov

What's going on with ur teeth? Why are they so white?))

doh

Thank you so much for this short and concise tutorial Dan. However, I encountered an error while following along with the tutorial. I get an error when I try to encode with HS512 algorithm. HS256 works fine. The error is below

[Request processing failed: An error occurred while attempting to encode the Jwt: Failed to sign the JWT -> The HS512 algorithm is not allowed or supported by the JWS signer: Supported algorithms: [HS256]] with root cause

The HS512 algorithm is not allowed or supported by the JWS signer: Supported algorithms: [HS256]

mrowox

Secure your REST APIs with Spring Security & Symmetric Key Encryption

Secure your REST APIs with Spring Security & Symmetric Key Encryption

Understanding The Fundamentals of API Security | How APIs are Attacked and How to Secure Them

Spring Security JWT: How to secure your Spring Boot REST APIs with JSON Web Tokens

Securing REST APIs - JWT Token Explained in 4 Minutes For Beginners Tutorial - S27E01

This is the best way to protect your APIs

How to Create a Secure REST API with Node.js and Express

Securing a REST API with JWT, concepts

Securing REST APIs with Flask: Authentication and Authorization

Spring Boot 3 + Spring Security 6 - JWT Authentication and Authorisation 2024

Developers, Secure your API | Pynt

RESTful APIs in 100 Seconds // Build an API from Scratch with Node.js Express

API Security Explained

What Is REST API? Examples And How To Use It: Crash Course System Design #3

Getting API security right - Philippe De Ryck - NDC London 2023

REST API Mistakes Every Junior Developer should Avoid | clean-code

Spring Boot 3 + Spring Security 6 - JWT Authentication and Authorisation [NEW] [2023]

Secure your API Gateway with Lambda Authorizer | Step by Step AWS Tutorial

Make your Flask API more Secure with Basic Authentication Python

Learn Spring Security 6 with Spring Boot 3 | Crash Course | Say Good Bye to Deprecated APIs

5 Best Practices for Securing Your APIs

54 - Spring Boot : How to secure our REST API using Spring Security in Spring Boot? | Almighty Java

How to protect your APIs against these 6 security threats

Difference Between REST API vs Web API vs SOAP API Explained

🔒Securing Rest APIs in Backend Application | Backend Course Hindi