A comprehensive Java library for Auth0 JWT authentication with built-in DPoP (Demonstration of Proof-of-Possession) support. This multi-module project provides both a core authentication library and Spring Boot integration for secure API development.
This repository contains multiple modules designed for different use cases:
| Module | Description | Java Version | Status |
|---|---|---|---|
| auth0-api-java | Core JWT validation library with DPoP support | Java 8+ | 🔒 Internal |
| auth0-springboot-api | Spring Boot auto-configuration and filters | Java 17+ | 📦 Published |
| auth0-springboot-api-playground | Working example application | Java 17+ | Example |
auth0-springboot-api (Published)
↳ bundles auth0-api-java (Internal - not published separately)
↳ examples in auth0-springboot-api-playground
If you're building a Spring Boot application, use the Spring Boot integration:
<dependency>
<groupId>com.auth0</groupId>
<artifactId>auth0-springboot-api</artifactId>
<version>1.0.0-SNAPSHOT</version>
</dependency>👉 Get started with Spring Boot integration →
The core library (auth0-api-java) is currently an internal module used by the Spring Boot integration. It provides:
- JWT validation with Auth0 JWKS integration
- DPoP proof validation per RFC 9449
- Flexible authentication strategies
- Comprehensive claim validation
While the Spring Boot integration provides automatic validation, developers can access the underlying auth0-api-java validation utilities for custom scenarios:
@RestController
public class AdvancedController {
@Autowired
private AuthClient authClient;
@GetMapping("/api/custom-validation")
public ResponseEntity<String> customValidation(HttpServletRequest request) {
try {
String token = extractTokenFromRequest(request);
JWTValidator validator = new JWTValidator(authClient.getAuthOptions());
DecodedJWT jwt = validator.validateTokenWithClaimEquals(token, "role", "admin");
return ResponseEntity.ok("Advanced validation passed");
} catch (BaseAuthException e) {
return ResponseEntity.status(401).body("Validation failed: " + e.getMessage());
}
}
private String extractTokenFromRequest(HttpServletRequest request) {
String authHeader = request.getHeader("Authorization");
if (authHeader != null && authHeader.startsWith("Bearer ")) {
return authHeader.substring(7);
}
throw new IllegalArgumentException("No Bearer token found");
}
}- Spring Boot Integration Guide - Complete setup and usage guide
- Spring Boot Examples - Code examples and patterns
- Playground Application - Running example
This project uses Gradle with a multi-module setup:
# Build all modules
./gradlew build
# Build specific module
./gradlew :auth0-springboot-api:build
./gradlew :auth0-api-java:build
# Run tests
./gradlew test
# Run playground application
./gradlew :auth0-springboot-api-playground:bootRunOnly the Spring Boot integration module is published as a public artifact:
| Module | Group ID | Artifact ID | Version | Status |
|---|---|---|---|---|
auth0-springboot-api |
com.auth0 |
auth0-springboot-api |
1.0.0-SNAPSHOT |
📦 Published |
auth0-api-java |
com.auth0 |
auth0-api-java |
1.0.0-SNAPSHOT |
🔒 Internal |
The core library (auth0-api-java) is bundled as an internal dependency within the Spring Boot module and is not published separately.
- Fork the repository
- Create a feature branch
- Make changes in the appropriate module
- Add tests for new functionality
- Ensure all tests pass:
./gradlew test - Ensure your commits are signed
- 7Submit a pull request
This project is licensed under the MIT License - see the LICENSE file for details.
- Issues: GitHub Issues
- Documentation: Auth0 Documentation
- Community: Auth0 Community
🎯 New to Auth0? Sign up for a free Auth0 account →