Skip to content

Spring boot, zuul, oauth2 authentication problem

I have been trying to build an application with Zuul, Eureka and Spring boot and recently I decided to attempt the login. As a reminder, I have already configured the authentication service (using OAuth 2.0) and I can successfully authenticate using CURL. I can also make get petitions to other microservices that have protected resources (again only with CURL because I can inject the token in the authentication header). My concern is that I want to do this with Zuul as a gateway. [![enter image description here][1]][1]

Zuul runs on port 8080 and Auth Service runs on port 1992 when I call authentication service directly on http://localhost:19992/oauth/token endpoint, it is generating token as following. [![enter image description here][2]][2] But, When I try to access authentication service through zuul server it is showing unAuthorized http://localhost:8080/auth-service/oauth/token [![enter image description here][3]][3]

My Zuul Server application.yml configuration

    register-with-eureka: true
    fetch-registry: true
    hostname: zuul-service
    instance-id: ${eureka.instance.hostname}:${}
    prefer-ip-address: true
  sensitive-headers: Cookie,Set-Cookie,Authorization```

My Question is
1. why token is not generated through zuul server?
2. How token propagate through multiple microservices?

Any help is much appreciated. 
Thanks in advance. 



I have been adding Authorization in sensativeHeaders. This won’t allow Authorization header to propagate downstream services. I removed Authorization from sensitive header then it worked like charm.

2 People found this is helpful