why it is called 'APPROLE_Admin' instead of 'Admin' in Spring boot App secured b-CodePudding

I followed the article,

and assigned the user

in the spring boot application, I have to use 'APPROLE_Admin' instead of 'Admin' ? why? it is supposed to be only 'Admin', correct?

@CrossOrigin(origins = "http://localhost:8080")
@RestController
@RequestMapping("/api")
public class TutorialController {

    @Autowired
    TutorialRepository tutorialRepository;

    @PreAuthorize("hasAuthority('APPROLE_Admin')")
    @GetMapping("/tutorials")

CodePudding user response：

The APPROLE_ prefix is coming from a default property configuration from Spring Cloud Azure.

spring.cloud.azure.active-directory.resource-server.claim-to-authority-prefix-map

Configure which claim will be used to build GrantedAuthority, and prefix of the GrantedAuthority’s string value. Default value is: "scp" → "SCOPE_", "roles" → "APPROLE_".

Documentation link

You can update the property with a desired prefix:

spring:
  cloud:
    azure:
      active-directory:
        resource-server:
          claim-to-authority-prefix-map:
            roles: "" # no prefix
            scp: "MY_SCP_PREFIX_"