Spring Security with JSON Web Token and Refresh Token

Learn how to use JSON Web Token and Refresh Token to secure REST APIs, manage user roles and permissions

JSON Web Token (JWT) is an open standard (RFC 7519) that defines a compact and self-contained way for securely transmitting information between parties as a JSON object – (from JWT website). In this course, you will understand and learn how to generate and sign a Json Web Token with a refresh token that users can use to securely access your RESTful application.
This course teaches how to use JWT (JSON Web Token) to embed users’ roles and permissions to delegate user’s authorization(what they can and can’t do) in the application. This course also dives into defining and creating API, exposing API Endpoints over HTTP, and  handling HTTP Requests and File Upload through API Endpoints. It covers testing API Endpoints (using an HTTP client – Postman).

What you’ll learn

  • JSON Web Token (JWT).
  • Authentication.
  • Authorization.
  • Stateless Session Policy.
  • Manage User Security Roles.
  • Manage User Security Permissions.
  • Password Encryption.
  • Role-based Access Control.

Course Content

  • Introduction –> 4 lectures • 11min.
  • Domain Model –> 1 lecture • 9min.
  • JPA Repository –> 1 lecture • 2min.
  • Service and Implementation –> 2 lectures • 10min.
  • API Resource –> 3 lectures • 19min.
  • Security –> 7 lectures • 1hr 11min.

Spring Security with JSON Web Token and Refresh Token

Requirements

  • Familiarity with Java, Spring Framework.

JSON Web Token (JWT) is an open standard (RFC 7519) that defines a compact and self-contained way for securely transmitting information between parties as a JSON object – (from JWT website). In this course, you will understand and learn how to generate and sign a Json Web Token with a refresh token that users can use to securely access your RESTful application.
This course teaches how to use JWT (JSON Web Token) to embed users’ roles and permissions to delegate user’s authorization(what they can and can’t do) in the application. This course also dives into defining and creating API, exposing API Endpoints over HTTP, and  handling HTTP Requests and File Upload through API Endpoints. It covers testing API Endpoints (using an HTTP client – Postman).

This course is short and focuses only on the generation of a JSON web token with a refresh token, and shows how you can use the refresh token to generate a new access token for a user. If you would like to learn more and build a full stack application and see how of this in practice, and way much more, please refer to my other course on Udemy, JSON Web Token (JWT) with Spring Security And Angular