Spring Boot Quickstart

Drop the X-Auth Spring Boot starter in. Annotate a controller method with @Verified. Done.

Starter: com.xentranet:x-auth-spring-boot-starter Spring Boot 3.2+ Time: ~5 min

Add the starter

The starter wires up the SDK, the @Verified aspect, and a request scope binding for TransactionContext.

build.gradle.kts

dependencies {
    implementation("com.xentranet:x-auth-spring-boot-starter:1.0.0")
}

Configure your tenant id

Set the tenant id via Spring Boot properties.

application.yml

xauth:
  tenant-id: ${XAUTH_TENANT_ID}

Annotate your controller

@Verified reads the bearer, calls verify(), and aborts with 401 on mismatch. Inject the bound TransactionContext directly into the handler.

TransferController.java

package com.example.transfer;

import com.xentranet.xauth.spring.Verified;
import com.xentranet.xauth.TransactionContext;
import org.springframework.web.bind.annotation.*;

@RestController
@RequestMapping("/api")
public class TransferController {

    @PostMapping("/transfer")
    @Verified(action = "transfer", expect = { "amount" })
    public Map<String, Object> transfer(
            @RequestBody TransferRequest body,
            TransactionContext ctx) {
        ledger.transfer(ctx);
        return Map.of("ok", true);
    }
}

Pair with a frontend

Any X-Auth frontend SDK ships a bearer that this controller verifies.

React example (snippet)

const { decision, access_token } = await advice({
  action: 'transfer', amount: 2999, currency: 'USD',
});

await fetch('/api/transfer', {
  method: 'POST',
  headers: { Authorization: `Bearer ${access_token}` },
  body: JSON.stringify({ amount: 2999 }),
});

Building a pure REST API (no UI)? See the Spring Boot API quickstart.

Spring Boot Quickstart

Add the starter

Configure your tenant id

Annotate your controller

Pair with a frontend

Next steps