Categories
api java spring spring-boot spring-security

Securing Spring Boot API with API key and secret

I would like to secure the Spring Boot API so it is accessible only for the clients that has valid API key and secret. However, there is no authentication (standard login with username and password) inside the program as all data is anonymous. All I’m trying to achieve is that all API requests can be used only for specific third party front-end.

I found a lot of articles about how to secure the Spring Boot API with user authentication. But I don’t need user authentication. What I am thinking of is just provide my client with API key and secret so he has access to the endpoints.

Could you please suggest me how can I achieve this? Thank you!