Okta in Spring Boot


🔑 What is Okta?

Okta is an identity management platform that provides authentication, authorization, and user management. Instead of building your own login system, you can use Okta as your identity provider (IdP).


⚙️ Setup: Spring Boot + Okta

1. Create an Okta Developer Account

  • Sign up at Okta Developer.
  • Log in → go to Applications → Create App Integration.
  • Choose:
    • OIDC – OpenID Connect
    • Web Application
  • Configure Redirect URIs:
    • For local dev: http://localhost:8080/login/oauth2/code/okta
  • Note your:
    • Client ID
    • Client Secret
    • Issuer URL (like https://dev-123456.okta.com/oauth2/default)

2. Add Dependencies (Maven)

<dependencies>
    <!-- Web -->
    <dependency>
        <groupId>org.springframework.boot</groupId>
        <artifactId>spring-boot-starter-web</artifactId>
    </dependency>

    <!-- Security -->
    <dependency>
        <groupId>org.springframework.boot</groupId>
        <artifactId>spring-boot-starter-oauth2-client</artifactId>
    </dependency>

    <!-- Thymeleaf (for demo UI) -->
    <dependency>
        <groupId>org.springframework.boot</groupId>
        <artifactId>spring-boot-starter-thymeleaf</artifactId>
    </dependency>
</dependencies>

3. Configure application.yml

spring:
  security:
    oauth2:
      client:
        registration:
          okta:
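            client-id: YOUR_CLIENT_ID
            # Placeholder: supply the real secret from an environment variable
            # or secret store, and keep it out of source control
            client-secret: YOUR_CLIENT_SECRET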
            scope: openid, profile, email
        provider:
          okta:
            issuer-uri: https://dev-123456.okta.com/oauth2/default

4. Create a Controller

import org.springframework.security.core.annotation.AuthenticationPrincipal;
import org.springframework.security.oauth2.core.oidc.user.OidcUser;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RestController;

@RestController
public class HelloController {

    @GetMapping("/")
    public String home(@AuthenticationPrincipal OidcUser user) {
        return "Hello, " + user.getFullName() + " (" + user.getEmail() + ")";
    }
}

5. Run the App

  • Start Spring Boot (mvn spring-boot:run).
  • Open http://localhost:8080.
  • You’ll be redirected to Okta Login.
  • After logging in, you’ll see the greeting with your Okta profile.
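
The redirect in step 5 comes from Spring Boot's default security configuration. The following added example (not part of the original tutorial) writes that configuration out explicitly and makes logout end the Okta session as well. It assumes Spring Boot 3.x / Spring Security 6.x; the class name SecurityConfig is hypothetical.

```java
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.Customizer;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.oauth2.client.oidc.web.logout.OidcClientInitiatedLogoutSuccessHandler;
import org.springframework.security.oauth2.client.registration.ClientRegistrationRepository;
import org.springframework.security.web.SecurityFilterChain;

// Added example: hypothetical class name, assumes Spring Security 6.x.
@Configuration
public class SecurityConfig {

    @Bean
    SecurityFilterChain securityFilterChain(HttpSecurity http,
                                            ClientRegistrationRepository registrations)
            throws Exception {
        // Without this handler, /logout only clears the local HTTP session;
        // the Okta session stays alive and the next request signs the user
        // straight back in. The handler redirects to the end_session_endpoint
        // published in the issuer's discovery metadata (found via issuer-uri).
        OidcClientInitiatedLogoutSuccessHandler oidcLogout =
                new OidcClientInitiatedLogoutSuccessHandler(registrations);
        // Assumption: this URI is also allowed as a sign-out redirect URI
        // in the Okta app integration created in step 1.
        oidcLogout.setPostLogoutRedirectUri("{baseUrl}");

        http
            // Every endpoint, including "/", requires an authenticated user,
            // so the OidcUser injected into HelloController is never null.
            .authorizeHttpRequests(auth -> auth.anyRequest().authenticated())
            // Unauthenticated requests are sent to the "okta" registration
            // from application.yml; the callback is handled at
            // /login/oauth2/code/okta, matching the redirect URI in step 1.
            .oauth2Login(Customizer.withDefaults())
            .logout(logout -> logout.logoutSuccessHandler(oidcLogout));

        return http.build();
    }
}
```

Declaring your own SecurityFilterChain bean replaces Boot's default chain, so any path you later open up with permitAll() must not inject OidcUser without a null check.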

✅ Summary

  • Okta handles authentication using OAuth2/OIDC.
  • Spring Security integrates with Okta via spring-boot-starter-oauth2-client.
  • You only need to configure your application.yml with Okta’s issuer, client ID, and secret.
