Is there any way in Micronaut, where I can do an authentication to the JWT authentication provider ?

[dileepnaik]

I can Only see the documentation for the authentication mechanism in the same server.
But in my case, I have the JWT auth provider, and the clients will directly call and get the jwt token.
Clients, While sending the request it includes the bearer token, but I have to go and validate against the Auth provider. Is there any way in micronaut I can override the behaviour and make a call to AuthProvider and validate the JWT token ?

[sdelamo]

@dileepnaik I move this to a discussion. I don't think it is an issue.

Sorry but I don't fully understand your question.

Typically, in Micronaut Security when you receive a request with a JWT Bearer token we validate the signature of the JWT and the claims. We don't do an extra network call against a central service. Is that what you want to achieve?

You can always create your own implementation of TokenValidator.

I explain here the security flow: https://youtu.be/VrnVbAyKSEY?t=336

[dileepnaik]

Yes, I want to validate this token with an identity server.
call to http://someserver/validateToken

[dileepnaik]

I have implemented the custom TokenValidator, But Authentication works fine, But the Authorisation with roles is not working.
Is there anything I should be looking in to ?

[sdelamo]

Is your token a JWT. which claims does it have? Which claim do you want to use as the one contributing the roles used for Authorization? By default Micronaut uses. the roles claim but you can change it:

micronaut.security.token.roles-name Authentication attributes map key for the user’s roles. Default value "roles".