Secure REST API with Spring Boot 3.0, Spring Security 6.0 and PASETO

Welcome to another Spring Boot tutorial. Today let’s have a look at how to build a Spring Boot REST API that supports Token based Authentication with PASETO.

Photo by Kaffeebart on Unsplash

· Prerequisites
· Overview
∘ What is PASETO?
∘ PASETO Vs JOSE (JWS, JWE and JWT)
∘ PASETO token format
· Getting Started
∘ Creating entities
∘ The UserDetailsService
∘ Spring Security configuration
∘ PASETO Utility service
∘ Project structure
· Testing
· Conclusion
· References

Prerequisites

This is the list of all the prerequisites:

• Spring Boot 3 +
• Maven 3.6.+
• Java 17 (Spring Security 6 requires JDK 17)
• PostgreSQL
• Postman / insomnia or any other API testing tool.

Overview

What is PASETO?