Bootstrapping Authentication in Spring Boot Applications

The "First Admin Problem" in a fresh app: > Public registration is disabled (Security) > You can't log in (No users exist yet) So how do you get in? I built a self-destructing "setup" endpoint in Spring Boot. One simple cURL command creates the admin, issues the JWT, and locks the door behind itself. Once I had the raw token, I realized something: The Login UI is optional. I wrote a deep dive on how to bootstrap Auth and the 3 ways to inject a JWT (including the "hacker" way). Read more : https://harrysblog.vercel.app/posts/4 #SpringBoot #WebSecurity #SystemDesign #ReactJS #BuildingInPublic