Free & Open Source

AuthKit-Lite – Spring Boot JWT Authentication Starter

Spring Boot JWT authentication starter built with Spring Security. Includes role-based access, refresh tokens, and a clean backend structure.

Spring Boot · JWT · RBAC · Production-ready

See It in Action

Spring Boot JWT login API response example

What You Get

AuthKit-Lite gives you a lightweight, production-ready starting point with JWT, role-based access, and a clean structure so you can focus on building features.

  • JWT authentication with access and refresh tokens
  • Role-based access control for protected routes
  • Pre-built login, register, and user APIs
  • Secure password hashing using BCrypt
  • Clean architecture with separated layers
  • Ready to extend for SaaS and production apps

Use Cases

  • SaaS backend authentication systems
  • Admin dashboards with role-based access
  • REST APIs with JWT authentication
  • Microservices authentication layer

Without vs With AuthKit-Lite

Without AuthKit-Lite

  • Manual JWT setup and config
  • Repeated boilerplate in every project
  • Higher risk of security mistakes
  • Unstructured or messy architecture
  • Hours lost on setup before building

With AuthKit-Lite

  • JWT authentication ready out of the box
  • Clean and modular project structure
  • Secure defaults and best practices
  • Role-based access already implemented
  • Start building features immediately

Key Features

JWT + Refresh Token Flow

Secure authentication with short-lived access tokens and refresh support.

Role-Based Authorization

Protect endpoints with fine-grained role access control.

Spring Security 6 Setup

Modern configuration using the latest Spring Security practices.

Structured Codebase

Clear separation of controllers, services, and security layers.

Ready-to-Use APIs

Authentication and user endpoints available out of the box.

Easy to Extend

Designed to scale for real-world backend and SaaS applications.

Project Structure

Spring Boot project structure for JWT authentication

Modular packages

Organized into clear and reusable components.

Clean separation

Controllers, services, and repositories are well structured.

Security layer

JWT and auth logic isolated for clarity and safety.

Quick Start

1. Clone the repository

Download or clone the project from GitHub.

2. Configure environment

Set database and JWT properties in application.properties.

3. Run the application

Start the Spring Boot app and begin testing APIs.

API Endpoints

Authentication

POST /api/auth/register

Register a new user account.

POST /api/auth/login

Authenticate the user and return access and refresh tokens.

POST /api/auth/refresh

Generate a new access token using a refresh token.

POST /api/auth/logout

Invalidate tokens and log out the user.

User

GET /api/users/me

Get the current authenticated user's details.

GET /api/users/profile

Fetch user profile information.

GET /api/users/all

Retrieve a list of all users (admin access).

GET /api/users/restricted

Access a restricted user route based on roles.

Admin

GET /api/users/admin-only

Access an admin-only protected endpoint.

Includes a ready-to-use Postman collection for testing all endpoints.

Ready to use AuthKit-Lite?

A lightweight authentication starter for Spring Boot. Set up in minutes and start building real features.

Free and open source