BASIC CONCEPTS

Resource Owner: the user.

Example: the resource owner password grant generates an access token from the user's password.

Authorization Server: generates the access token.

Resource Server: the REST API.

Annotations AuthorizationServer vs ResourceServer

There are 2 main annotations:

@EnableAuthorizationServer - Switches the app on as an Authorization Server, which exposes the entry points used to generate access tokens.

@EnableResourceServer - Enables checking of the access token before allowing access to the REST API.

These annotations can be on separate apps (as in real life) or on the same app.

What is the SSO support?

It allows configuring the authorization service (tokeninfo entry point) so that the ResourceServer can validate a token with that authorization server.

It's for enterprise use with a single authorization server, not multiple (like the Google sign-in feature).
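One way to wire the token check described above with Spring Security OAuth2, as an added example that is not from the original notes or the Spring project. The host name, client id, resource id, scope, paths and environment variable name are assumptions.

```java
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;
import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter;
import org.springframework.security.oauth2.config.annotation.web.configurers.ResourceServerSecurityConfigurer;
import org.springframework.security.oauth2.provider.token.RemoteTokenServices;

// Resource Server (the REST API) running as a separate app from the Authorization Server.
@Configuration
@EnableResourceServer
public class ApiResourceServerConfig extends ResourceServerConfigurerAdapter {

    // Every bearer token is sent to the single Authorization Server for validation.
    @Bean
    public RemoteTokenServices tokenServices() {
        RemoteTokenServices services = new RemoteTokenServices();
        // Assumed URL; /oauth/check_token is the default path on a Spring Authorization Server.
        services.setCheckTokenEndpointUrl("https://auth.example.internal/oauth/check_token");
        // The API authenticates itself to the check endpoint with its own client credentials.
        services.setClientId("orders-api");                                   // assumed client id
        services.setClientSecret(System.getenv("ORDERS_API_CLIENT_SECRET"));  // assumed variable, keeps the secret out of source
        return services;
    }

    @Override
    public void configure(ResourceServerSecurityConfigurer resources) {
        // Tokens that were not issued for this resource id are rejected.
        resources.resourceId("orders").tokenServices(tokenServices());
    }

    @Override
    public void configure(HttpSecurity http) throws Exception {
        http.authorizeRequests()
            .antMatchers("/health").permitAll()
            // A valid token is not enough: it must also carry the required scope.
            .antMatchers("/orders/**").access("#oauth2.hasScope('orders.read')")
            .anyRequest().authenticated();
    }
}
```

On the Authorization Server side, access to `/oauth/check_token` is `denyAll()` by default, so it has to be opened to authenticated clients, for example with `checkTokenAccess("isAuthenticated()")` in the `AuthorizationServerSecurityConfigurer`.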

Where to start?

https://docs.spring.io/spring-security-oauth2-boot/docs/current/reference/html/index.html