This Quickstart is currently in Beta. We’d love to hear your feedback!
Use AI to integrate Auth0
Use AI to integrate Auth0
If you use an AI coding assistant like Claude Code, Cursor, or GitHub Copilot, you can add Auth0 authentication automatically in minutes using agent skills.Install:Then ask your AI assistant:Your AI assistant will automatically create your Auth0 API, fetch credentials, add the Auth0 Spring Boot API SDK dependency, configure
application.yml, and implement a SecurityFilterChain with JWT validation and protected endpoints. Full agent skills documentation →Prerequisites: Before you begin, ensure you have the following installed:
- JDK 17+ for Spring Boot 3.2+ compatibility
- Maven 3.6+ or Gradle 7+ for dependency management
- Your preferred IDE (IntelliJ IDEA, Eclipse, or VS Code with Java support)
Get Started
This quickstart demonstrates how to add Auth0 JWT authentication to a Spring Boot API. You’ll build a secure API with protected endpoints using the Auth0 Spring Boot API SDK.Create a new project
Create a new Spring Boot API project for this quickstart:Using Spring Initializr:Or manually create with Maven:
Add the Auth0 SDK
Add the Auth0 Spring Boot API SDK to your project dependencies:Maven (Gradle (
pom.xml):build.gradle):Setup your Auth0 API
Next up, you need to create a new API on your Auth0 tenant and add the configuration to your project.You can choose to do this automatically by running a CLI command or do it manually via the Dashboard:
- CLI
- Dashboard
Run the following shell command on your project’s root directory to create an Auth0 API and update your
application.yml file:- Mac/Linux
- Windows (PowerShell)
Configure authentication
Create a security configuration class to enable Auth0 JWT authentication. Create
src/main/java/com/example/auth0api/SecurityConfig.java:src/main/java/com/example/auth0api/SecurityConfig.java
Create public and protected endpoints
Create API endpoints to test authentication. Create
src/main/java/com/example/auth0api/ApiController.java:src/main/java/com/example/auth0api/ApiController.java
CheckpointYou should now have a fully functional Auth0-protected API running on your localhost
Advanced Usage
Calling Protected APIs
Calling Protected APIs
Test your protected endpoints with an access token.1. Get an access token from Auth0 using the Client Credentials flow:2. Test the public endpoint (should return 200 OK):3. Test the protected endpoint without authentication (should return 401 Unauthorized):4. Call the protected endpoint with the token:
To get
YOUR_CLIENT_ID and YOUR_CLIENT_SECRET, create a Machine to Machine
Application in the Auth0 Dashboard
and authorize it for your API.Accessing JWT Claims
Accessing JWT Claims
Access additional user information and token claims in your endpoints.
DPoP Enhanced Security
DPoP Enhanced Security
Enable DPoP (Demonstration of Proof-of-Possession) for enhanced token security that binds access tokens to cryptographic keys.Configure DPoP support in application.yml:DPoP Modes:
-
ALLOWED(default): Accepts both Bearer and DPoP tokens -
REQUIRED: Only accepts DPoP tokens, rejects Bearer tokens -
DISABLED: Standard JWT Bearer validation onlyLearn more about DPoP in the Auth0 DPoP Documentation.
Common Issues
Configuration values not found
Configuration values not found
Problem: Application fails to start with configuration errors.Solution: Verify
application.yml structure and property names. Ensure the auth0 section contains Domain and Audience values.Filter order issues
Filter order issues
Problem: Authentication not working despite correct configuration.Solution: Ensure Auth0AuthenticationFilter is properly integrated with Spring Security chain. The filter must be added before UsernamePasswordAuthenticationFilter.
Network connectivity issues
Network connectivity issues
Problem: JWKS retrieval failures or connection timeouts.Solution: Corporate firewall may be blocking Auth0 endpoints. Whitelist Auth0 domains for HTTPS access:
Additional Resources
SDK Documentation
Complete SDK documentation and API reference
Code Examples
Comprehensive code examples and integration patterns
DPoP Documentation
Learn about proof-of-possession security enhancement
Spring Security Reference
Official Spring Security documentation
Auth0 Dashboard
Manage your Auth0 APIs and applications
Community Forum
Get help from the Auth0 community
Sample Application
A complete sample application demonstrating all features is available in the SDK repository.Playground Application
Includes public and protected endpoints, DPoP support, and comprehensive
examples