Four-Project Series

Spring Security and OAuth2 for Microservices you own this product

OAuth 2 app roles • basic Spring Security • Grant types
skills learned
implementing an OAuth 2 authorization server • implementing an OAuth 2 resource server • implementing an OAuth 2 client • using a gateway service in an OAuth 2 system • setting up a full OAuth 2 microservices system
Laurenţiu Spilcă
4 weeks · 6-8 hours per week average · INTERMEDIATE

pro $24.99 per month

  • access to all Manning books, MEAPs, liveVideos, liveProjects, and audiobooks!
  • choose one free eBook per month to keep
  • exclusive 50% discount on all purchases

lite $19.99 per month

  • access to all Manning books, including MEAPs!


5, 10 or 20 seats+ for your team - learn more

In this liveProject series, you’ll learn to use Spring Security and OAuth 2 to build and secure backend microservices architecture. You’ll step into the role of a developer for health startup HealthX and work hands-on to create a system that can protect your users’ privacy, and scale up as your company grows. Each project in this series covers a different aspect of securing a microservices system, so you can pick the task most relevant to your career.

These projects are designed for learning purposes and are not complete, production-ready applications or solutions.

Manning author Laurenţiu Spilcă shares what he likes about the Manning liveProject platform.

here's what's included

Project 1 Implement an Authorization Server
In this liveProject, you will implement an authorization server to authenticate users and issue JSON Web Tokens signed with a configured key. You'll use a Spring Boot service to take the role of an authorization server in an OAuth 2 system, set up storage for user and client details, and ensure user details persist in a secure way. Finally, you’ll write and conduct integration tests to make sure your system is secure and bug-free.
Project 2 Manage Sensitive Data
In this liveProject, you will secure the backend of an app to protect users’ data, and design the backend as a resource server in an OAuth 2 system. You’ll configure resource server capabilities to apply endpoint and method authorization rules, and use authenticated principal details in the repository.
Project 3 Validate Requests
In this liveProject, you’ll implement a gateway service that validates the access tokens and redirects the valid requests to a service-oriented system. You’ll configure the gateway routes and gateway authorization rules, redirecting the requests to the right business logic implementation.
Project 4 Implement a Client Service
In real-world systems, services act sometimes as clients for other services. In this liveProject, you’ll implement a Spring Boot service that acts as a client for the OAuth 2 system. You’ll set up needed dependencies, register a client at the authorization server, and implement a proxy that uses the client credentials grant type. Finally, you’ll validate that the full setup works correctly and this mock server can accurately send advice to the health system.

book resources

When you start each of the projects in this series, you'll get full access to the following book for 90 days.

choose your plan


only $41.67 per month
  • five seats for your team
  • access to all Manning books, MEAPs, liveVideos, liveProjects, and audiobooks!
  • choose another free product every time you renew
  • choose twelve free products per year
  • exclusive 50% discount on all purchases
  • Spring Security and OAuth2 for Microservices project for free

project author

Laurentiu Spilca
Laurentiu Spilca is a dedicated development lead and trainer at Endava, where he leads and consults on multiple projects from various locations in Europe, Asia, and the U.S. Laurentiu believes it's essential to not only deliver high-quality software but to also share knowledge and help others to up-skill, which has driven him to design and teach courses related to Java technologies and deliver presentations and workshops. He is the author of Spring Security in Action and Spring Quickly.


This liveProject series is for intermediate Java developers familiar with Spring and Spring Security. To begin this liveProject series you need to be familiar with the following tools, technologies, and techniques.

  • OAuth 2 app roles
  • Spring Security basic contracts such as UserDetailsService, PasswordEncoder, and GrantedAuthority
  • SQL queries for CRUD operations
  • Postman or cURL for endpoint testing
  • Authorization code, password, client credentials, and refresh token grant types
  • Unit and integration testing

you will learn

In this liveProject series, you’ll master essential skills for securing Java-based microservice architectures.

  • Secure microservices with Spring Boot and Spring Security
  • Implement authentication functionality and issue access tokens
  • Create authorization configurations for protecting users’ data
  • Protect persisted data
  • Write unit and integration tests using JUnit
  • Configure mock objects with Mockito and WireMock


You choose the schedule and decide how much time to invest as you build your project.
Project roadmap
Each project is divided into several achievable steps.
Get Help
While within the liveProject platform, get help from other participants and our expert mentors.
Compare with others
For each step, compare your deliverable to the solutions by the author and other participants.
book resources
Get full access to select books for 90 days. Permanent access to excerpts from Manning products are also included, as well as references to other resources.