Secure REST API with Spring Boot 3.0, Spring Security 6.0 and PASETO

Eric Anicet
8 min readFeb 28, 2023

Welcome to another Spring Boot tutorial. Today let’s have a look at how to build a Spring Boot REST API that supports Token based Authentication with PASETO.

Photo by Kaffeebart on Unsplash

· Prerequisites
· Overview
What is PASETO?
PASETO Vs JOSE (JWS, JWE and JWT)
PASETO token format
· Getting Started
Creating entities
The UserDetailsService
Spring Security configuration
PASETO Utility service
Project structure
· Testing
· Conclusion
· References

Prerequisites

This is the list of all the prerequisites:

  • Spring Boot 3 +
  • Maven 3.6.+
  • Java 17 (Spring Security 6 requires JDK 17)
  • PostgreSQL
  • Postman / insomnia or any other API testing tool.

Overview

What is PASETO?

--

--

Responses (3)