Store RegisteredClient to database in Spring Authorization Server

In the previous tutorial, I showed you how to implement an Authorization Server using Spring Authorization Server, but the information about RegisteredClient in this tutorial is stored in memory. To store RegisteredClient information to the database, how will we do it? In this tutorial, I will show you how to do this!

First, I also created a new Spring Boot project with Web Starter, Security Starter, Data JPA, PostgreSQL Driver:

and Spring Authorization Server:

for example.


I will configure Spring Security as in the tutorial Implement OAuth Authorization Server using Spring Authorization Server as follows:

As for the configuration for the Authorization Server, I also do the same as the tutorial Implement OAuth Authorization Server using Spring Authorization Server, but I will declare the RegisteredClient information later:

To store RegisteredClient information in the database, first, we need to define the database structure to do this.

By default, Spring Authorization Server provides us with database scripts to create the database structure. You can copy them in the Spring Authorization Server .jar file:

You can go to Github of Spring Authorization Server here to copy these files.

I will use Flyway to manage database migration:

by copying the schema files of the Spring Authorization Server into the src/main/resources/db/migration directory as follows:

In the script that creates the oauth2_authorization table in the file V1__oauth2-authorization-schema.sql, there is a definition of the BLOB data type, presumably for the Oracle database:

If you are using PostgreSQL database like me, you need to change to TEXT type! Otherwise, running the database migration will fail.

Declare the Datasource to run the database migration as follows:

Now you can define RegisteredClient in the database, for example as follows:

Here, I define a RegisteredClient with grant type of client_credentials with a fixed ID so that every time I start the app, there is no duplicate record in the database. Depending on your needs, please write the corresponding code!

We will use the JdbcRegisteredClientRepository object to store this RegisteredClient information. The parameter when initializing the JdbcRegisteredClientRepository object is JdbcTemplate object.

Now, if you run the application, you will see in the oauth2_registered_client table, a new record of RegisteredClient that I declared above, is inserted:

That’s it guys, if you now run the application and get the clientId token above, you will see the following results:

11 thoughts on “Store RegisteredClient to database in Spring Authorization Server

  1. I am using MySQL as the database my client is register in database but when i try to get the token i am getting response unauthorized:

  2. Amazing article! Thanks! By the way, do you know how to pass the role parameter in the JWT to access to protect endpoints in Resource Server with those?

  3. Thanks nice article

    I get too many redirection error when I started using JDBC, But when I use Inmemory database it is working fine
    I do not know why its happening. Any Idea please. Thanks in advance

    1. It happened to me also when mi registered client is like the Spring Authorization Server git project example (with the registered client for this example it works ok). It put TRACE log and compared with the log for InMemory and it has a Access denied example.

      Any idea how to solve this issued is welcome

  4. Hi, thanks for these articles, they are really helpful. It would be great if you could cover the dynamic client registration endpoint ( /connect/register ) and the userinfo ( /userinfo ), both available in version 0.2.1.

  5. Thank you for the article. It is very informative. Is there currently any way to configure the authorization server to store the generated authentication tokens in the database, so when the authorization server is restarted, the authentication tokens that haven’t expired yet are still recognized by the authorization server?

Add Comment