All Courses are 25% of till 26th May, 2025

Days

Hours

Minutes

Seconds

Learn Spring Security OAuth

The definitive guide to secure your application with OAuth2

Why Learn About Security OAuth?

Spring Security is, of course, the gold standard for implementing mature security in Java, and so is its great support for OAuth2.

However, there’s still a lot of confusion around what OAuth actually is. So, before going deeper into the advanced aspects of the standard and into implementation with Spring Security, we’ll start by building a clear understanding of the protocol.

Once we go over the basics, we’ll dive into common OAuth scenarios with Spring Security – from accessing JWT token attributes to testing OAuth clients and using OAuth in a microservices application.

Yes, the OAuth stack can handle pretty much everything you can throw at it, quite well.

After teaching more than 2000 students security through my “Learn Spring Security” course, I’m taking the OAuth material to the next level with this fully dedicated course!

Practice by Coding

My name is Eugen, and the course is based on more than a decade of teaching experience.

I’ve been using OAuth extensively in my own consulting practice for many years now. I’ve helped teams implement (most commonly re-implement) security in their systems over a ridiculous number of Spring versions. And I’ve been teaching security throughout most of that time.

The lessons here come out of that experience, with a simple goal – to get you super comfortable with OAuth2, Spring Security and Spring Boot.

Each lesson in the course is either code-focused on a specific OAuth scenario, or theoretical, introducing you to the core concepts.

To be clear – you can’t get there by just going through the lessons – you’ll need to code, along with me, through the material. The lessons and the multiple-choice questions are your reference to come back to – whenever you need them.

I’ve structured the material to first help you select the right OAuth flow for your specific type of application. That’s a critical first step. If you’re working beyond just OAuth, have a look at the overall “Learn Spring Security” course.

The canonical reference for securing a web application with Spring Security and OAuth2.

The 6 modules cover everything from the basics of the OAuth2 flows to a full deep-dive into OpenID, JWT, Spring Boot support.

Simply put, every possible corner of an OAuth2 implementation with Spring Security.

This Course contains:

multiple-choice questions in each lesson to make sure you fully understood the material
a Certificate of Completion (example)
the download ability for all video lessons – to help you learn offline

Of course, if you have any questions about the material, ping me directly here, on chat, or over email.

~33 Hours

Original Price $127

1. Intro to OAuth2 and the OAuth2 Roles

4 LESSONS (2 Video + 2 Text) ~ 2 HOURS

Intro to OAuth2 and the OAuth2 Roles (theory) (text)
Picking the Right OAuth Grant Type/Flow to Use (theory)
The State of OAuth2 in Spring Security (preview lesson)
Setting up the Project (text)

2. The Basics of OAuth2

5 LESSONS (4 Video + 1 Text) ~ 3 HOURS

The Authorization Code Flow (theory) (preview lesson)
The Authorization Server with Keycloak
The New OAuth2 Client Support (2 parts)
The New Resource Server Support (2 parts)
JWT Support (text)

3. OAuth2 Beyond the Basics - The Resource Server

8 LESSONS (8 Text) ~ 8 HOURS

Basic Authorization with OAuth2 (preview lesson)
Verify/Validate Claims from the JWT (text)
Accessing JWT Bearer Token Authentication Attributes (text)
Accessing JWT Bearer Token Authentication Attributes Using SpEL (text)
Custom Authorities From JWT Claims (text)
Custom Validators For JWT Claims (text)
Resource Server Multi-Tenancy Support (text)
Resource Server Testing Support (text)

4. OAuth2 Beyond the Basics - The Client

5 LESSONS (5 Text) ~ 5 HOURS

The Client Configuration Under the Hood (text)
New OAuth2 Social Login (text)
Refreshing a Token (text)
Testing OAuth2 Clients (text)
The Authorization Code Flow with PKCE (text)

5. OAuth2 Beyond the Basics - Deep-Dives

9 LESSONS (9 Text) ~ 11 HOURS

OAuth2 and SPAs (theory) (text)
OAuth2 and SPAs (implementation) (text)
Exploring JWS with OAuth2 (text)
Testing OAuth2 with REST-assured (text)
OAuth2 and OpenID Connect (text)
Logout with OAuth and OIDC (text)
The Client Credentials Flow (text)
Token Revocation (text)
The Legacy Stack Authorization Server (text)

6. Microservices, Spring Security and OAuth2

3 LESSONS (3 Text) ~ 4 HOURS

OAuth Security Patterns in a Microservice Application (text)
Sharing Principal Information in Microservices (text)
Exploring Topologies – Gateway API as OAuth2 Client (2 parts) (text)

6 Modules
30 Lessons
+ Exercises in Each Lesson
+ Full Downloads for All Videos
+ Certificate of Completion
Original Price $127

41 Modules (All Courses)
206 Lessons (All Courses)
+ Exercises in Each Lesson
+ Full Downloads for All Videos
+ Certificates of Completion
+ Free IntelliJ IDEA Ultimate License
+ Pro Access

Do you have a team who would benefit from taking the course?

Here are our team licenses →

20-Day Money Back Guarantee

I believe strongly in the quality of the course material to teach you the fundamentals of API design as well as the advanced tactics to take your API into production. I’ve put a lot of work and care into the material and hope you’re going to use it and really make your REST APIs a lot better.

I confidently back all courses with a 20-Day Money Back Guarantee. I want you to dive in deep and experience the full wealth of this resource without hesitation.

If the material isn’t a good fit, just contact me within 20 days of purchase, and ask for a full refund for any single course package.