Custom API Authentication

aziz · July 14, 2021, 4:06am

Hi All,

We have created a custom rest controller.

@RestController

@RequestMapping("/test")
public class MyController {

@RequestMapping(value = "/email", method = RequestMethod.GET, produces = MediaType.APPLICATION_JSON_VALUE)
public String getEmail(String test) {
    return test;
}
}

How do we use authentication on this API in a way where only logged in user can use the API
the information provided in the Docs are lacking CUBA REST API

We have integrated swagger and working fine but currently there is no authentication on it.
We would like to be able to Annotate the api where only correct UserRole can use the API.

Thanks

gorbunkov · July 20, 2021, 10:47am

Hi, what do you mean by “information are lacking”? The article describes exactly your case: how to make the custom controller bean method available only for logged in users (users who obtained the OAuth2 token).