Name: jbaruch/spring-security-ai
Rating: 90.4 (1 reviews)
Author: jbaruch

Blog Docs Log in Get started

jbaruch/spring-security-ai

Secure AI agent APIs with Spring Security 7 - RBAC, method security, OAuth2, and per-user agent access control

1.24x

Quality

90%

Does it follow best practices?

Impact

92%

1.24x

Average score across 3 eval scenarios

Securityby

Passed

No known issues

Evaluation results

92%

24%

Integrate Corporate SSO with AI Agent API

Criteria

Without context

With context

issuer-uri in application.yml

100%

JwtAuthenticationConverter bean

100%

roles claim name set

100%

ROLE_ authority prefix set

100%

Converter wired into filter chain

100%

Lambda DSL for oauth2ResourceServer

100%

No password grant

100%

Password grant identified as removed

100%

oauth2-resource-server dependency

authorizeHttpRequests used

100%

16%

Secure an AI Agent REST API

Criteria

Without context

With context

Lambda DSL only

100%

authorizeHttpRequests used

100%

No legacy matchers

100%

CSRF disabled

100%

Stateless session

100%

@EnableMethodSecurity present

100%

@EnableWebSecurity present

100%

Correct endpoint rules

100%

DelegatingPasswordEncoder

100%

InMemoryUserDetailsManager

100%

OAuth2 resource server

100%

85%

17%

Role-Restricted AI Agent Tool Access

Criteria

Without context

With context

@PreAuthorize on @Tool methods

100%

@PostAuthorize usage

Reusable meta-annotation

41%

Meta-annotation structure

100%

RoleHierarchy bean

100%

Authentication param in controller

100%

User name in system prompt

100%

Authorities in system prompt

100%

AccessDenied guidance in system prompt

100%

@EnableMethodSecurity present

100%

AgentTools passed to ChatClient

50%

100%

Evaluated: 8 days ago
Agent: Claude
Model: Claude Sonnet 4.6

Table of Contents

Integrate Corporate SSO with AI Agent API Secure an AI Agent REST API Role-Restricted AI Agent Tool Access