I'm building a back end API with spring boot and I'm using Postman to imitate the client application. Sign up is working perfectly. I am able to save user's data in database.
But on login, my code is supposed to generate a JWT token and send it back to the client application but I get this 403 forbidden error.
I have gone online to search for solutions and I was asked to disable crsf. I had done that but I'm still getting the same error.
Here is a sample of what I'm going through. https://stackoverflow.com/questions/62481328/spring-security-403-forbidden-error-keeps-happening-even-with-csrf-disable
Comment From: jzheaux
Hi, @VhiktorBrown, thanks for reaching out.
Have you already taken a look at Spring Security's built-in support for JWTs? You can see samples that verify the token against a key as well as against an authorization server. Additionally, there's a sample for an API that mints its own token.
If you require further assistance, please feel free to post a question of your own on StackOverflow as we prefer to use GitHub issues only for bugs and enhancements. Feel free to update this issue with a link to your new StackOverflow question (so that other people can find it) or add more detail if you feel this is a genuine bug.
Comment From: jzheaux
Also, I added a response to the SO question linked in the description.