Spring Boot JWT authentication returns 403 Forbidden despite valid token

05:23 04 May 2026

I am working on a Spring Boot application with JWT authentication and React frontend.

I implemented authentication using Spring Security and JWT. The login works correctly and I receive a valid token. However, when I try to access protected endpoints, I get a 403 Forbidden error.

Here is my situation:

- User logs in successfully

- JWT token is generated and sent to frontend

- Token is included in Authorization header (Bearer token)

- But accessing protected routes returns 403

Example request:

Authorization: Bearer

Security config (simplified):

- JWT filter added

- Authentication manager configured

- Roles: USER, ADMIN

Expected behavior:

Access should be granted with a valid token.

Actual behavior:

403 Forbidden

What could be causing this issue? Is it related to roles, filter configuration, or token validation?

Any help would be appreciated.

spring spring-boot spring-security jwt token

Your Answer

Privacy & Cookie Consent