Guidance on how to log in with spring security via an external URL redirect

Hi, I am new to Vaadin and spring security, currently dipping my toes into how to implement security for my application. I currently redirect the user to an external URL to be able to log in and later receive a token via postMapping. How do I approach logging in that user so they can have access to other views? Any guidance and/or project examples would be appreciated.

https://vaadin.com/blog/oauth-2-and-google-sign-in-for-a-vaadin-application

Thanks, but is this only for logging in with a Google account? I need the user to log in via laji.fi to grant access to an image API.

laji.fi is not a common identity provider, and as per the doc on https://api.laji.fi/explorer/#!/APIUser/APIUser_create_post_api_users you have to contact them if you want to use auth functionality in your app.

Not sure what “as per the doc” refers to. I have access to their auth client, just not sure how to grant users access to views without filling a loginForm.

I think you are mixing two types of tokens. I believe the laji.fi API requires you to have an access key for the app, not one for each user.

So, if I understand this correctly, you need to make a POST request and they’ll email you the key. Then, you would save that in a secure place on your server and include that in API requests to the API.

Access token is needed to use this API. To get a token, send a POST request with your email address to /api-users endpoint and one will be send to your.

Yeah, I already get the token and save it on my server. The part I am confused about is that if I have the main dashboard restricted to only allow permitted users, which in this case would be once the laji token is received via post request, how do I allow that user to gain access to the dashboard?
Sorry, I'm quite lost when it comes to how spring security works.

No worries. Security is not easy.

So, the way I see it is that the laji token is for your server to authenticate against the API. It’s not meant for authenticating users. So, that would be something you as the app author set up in your app, storing the key in an environment variable or similar on the server.

User authentication in your app would be separate from this. You could either use an OAuth login (Google/FB/GH…) or a local db for users. Once a user is logged in, they could access the dashboard view. The dashboard view would fetch data from the API with the laji key it has configured.
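
A sketch of the separation described in the last reply, added here as an example and not code from any poster in the thread or from the laji.fi project: user login is handled by Spring Security, while the application key is read once on the server and never reaches the browser. It assumes Vaadin 24 with `spring-boot-starter-oauth2-client` and a configured `google` client registration; the `LAJI_API_KEY` variable name, the endpoint path and the `Authorization` header are placeholders, so check the API documentation for how the key is actually passed.

```java
// Added example. Assumed names: LAJI_API_KEY, the endpoint path, the Authorization
// header and the "google" registration. Each public class goes in its own file.
import com.vaadin.flow.component.html.Pre;
import com.vaadin.flow.component.orderedlayout.VerticalLayout;
import com.vaadin.flow.router.Route;
import com.vaadin.flow.spring.security.VaadinWebSecurity;
import jakarta.annotation.security.PermitAll;
import java.net.URI;
import java.net.http.*;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.stereotype.Service;

// SecurityConfig.java: user authentication, independent of the laji.fi key.
@EnableWebSecurity
@Configuration
public class SecurityConfig extends VaadinWebSecurity {
    @Override
    protected void configure(HttpSecurity http) throws Exception {
        super.configure(http); // Vaadin's defaults: requests need an authenticated user
        setOAuth2LoginPage(http, "/oauth2/authorization/google");
    }
}

// LajiClient.java: the only place the application key is read or sent.
@Service
public class LajiClient {
    private final String apiKey;
    private final HttpClient http = HttpClient.newHttpClient();

    public LajiClient(@Value("${LAJI_API_KEY}") String apiKey) { // from the environment
        this.apiKey = apiKey;
    }

    public String fetch(String path) throws Exception {
        HttpRequest request = HttpRequest.newBuilder(URI.create("https://api.laji.fi" + path))
                .header("Authorization", apiKey) // assumption: see the API docs
                .build();
        return http.send(request, HttpResponse.BodyHandlers.ofString()).body();
    }
}

// DashboardView.java: reachable only after login; the key stays on the server.
@Route("dashboard")
@PermitAll
public class DashboardView extends VerticalLayout {
    public DashboardView(LajiClient laji) throws Exception {
        add(new Pre(laji.fetch("/PLACEHOLDER-ENDPOINT")));
    }
}
```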