Explore Using JWTs for CSRF and Microservices

Lindsay Brunner
Lindsay Brunner
November 3, 2017

Motorcycle Fun Fact: Did you know that if you want to negotiate a right curve on a motorcycle, you start by nudging the handlebars to the left? This is called countersteering. The initial push to the left causes the motorcycle to lean to the right.

Last year, Micah Silverman embarked upon a Java Roadstorm on behalf of Stormpath. He toured a solid chunk of the eastern seaboard of the US on his motorcycle, visiting local Java user groups and talking about how to use JWTs to secure customer identity via two code examples: CSRF and microservices. You can check out his online travel log and read more about his journey, or you can watch the talk (below) which he recently presented at CactusCon on behalf of Okta.

In the first code example, Micah shares how he replaces the standard Spring Security CSRF (cross site request forgery) token mitigation with a JWT version. The second is a basic microservices example that demonstrates how to establish trust between two microservices using JWTs.

  • You can find Micah’s slides on speakerdeck: https://speakerdeck.com/dogeared/jwts-for-csrf-and-microservices

  • You can also find the code examples that back this talk on GitHub: https://github.com/dogeared/JavaRoadStorm_CactusCon_2017

  • And finally, check out our developer blog for more awesome Java content like this: https://developer.okta.com/blog/

 

 

 

Lindsay Brunner
Lindsay Brunner

Lindsay Brunner is a Content Marketing Manager at Okta responsible for our developer blog, as well as the vision and strategy for technical communications around customer identity and application development. Prior to Okta, Lindsay led content marketing at Stormpath, and has nearly a decade of experience building great content for various brands. When she's not correcting someone's lack of an Oxford comma, Lindsay enjoys reading and gaming, especially hosting board game nights. You can catch her on Twitter @lindsayb610.

Previous
Next

September 1, 2022

Why Automation is an IT Admin’s MVP

By Alex Silk
For today’s businesses, digital transformation has become a core driver of success. And for IT administrators, there’s significant pressure to ensure that…

Read now

August 18, 2022

Okta Helps Federal Agencies Easily Deploy Phishing-Resistant MFA

By Katy Mann
A recent report from the Anti-Phishing Working Group (APWG) revealed phishing attacks for the first quarter of 2022 exceeded one million—the highest on APWG…

Read now

October 29, 2021

All About IT Infrastructure: What it is and How it's Evolving

By James Flores
IT infrastructure consists of all the core tech components that organizations need to get work done. While hardware, software, and networks are all widely…

Read now

June 24, 2021

User Management: An Afterthought for Some, Prerequisite for Others

By James Flores
You’ve just adopted a new service! Great! But no one is using it. Why not? It appears that no one has access to the application, so no one wants to create a…

Read now

July 17, 2020

What Is Provisioning and Deprovisioning?

By Mick Johnson
Provisioning is the process of making information technology (IT) systems available to users. Depending on your organization’s needs, provisioning can be…

Read now