FusionAuth
    • Home
    • Categories
    • Recent
    • Popular
    • Pricing
    • Contact us
    • Docs
    • Login

    FusionAuth Authorization

    Scheduled Pinned Locked Moved
    General Discussion
    2
    3
    655
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • O
      otislinker345
      last edited by

      Hello,
      I am developing a Spring Boot REST API, this API exposes a "/verify" endpoint to validate the token and the access to a certain resource. In FusionAuth I have roles attached to my users. So is the a method to validate if the user has that role so i can let them pass?

      mark.robustelliM 1 Reply Last reply Reply Quote 0
      • mark.robustelliM
        mark.robustelli @otislinker345
        last edited by mark.robustelli

        @otislinker345 I believe the 'verify' is to make sure it is a valid. Meaning the JWT signature is valid and the payload has not be tampered with. You will need to look at the roles in a valid JWT to determine if a user has that role.

        O 1 Reply Last reply Reply Quote 0
        • O
          otislinker345 @mark.robustelli
          last edited by

          Thanks for your answer. I got it.

          1 Reply Last reply Reply Quote 0
          • First post
            Last post