I am migrating from Spring Boot 1.4.9 to Spring Boot 2.0 and also to Spring Security 5 and I am trying to do authenticate via OAuth 2. But I am getting this error:

java.lang.IllegalArgumentException: There is no PasswordEncoder mapped for the id "null

From the documentation of Spring Security 5, I get to know that
storage format for password is changed.

In my current code I have created my password encoder bean as:

public BCryptPasswordEncoder passwordEncoder() {
    return new BCryptPasswordEncoder();

However it was giving me below error:

Encoded password does not look like BCrypt

So I update the encoder as per the Spring Security 5 document to:

public PasswordEncoder passwordEncoder() {
    return PasswordEncoderFactories.createDelegatingPasswordEncoder();

Now if I can see password in database it is storing as


With that 1st error gone and now when I am trying to do authentication I am getting below error:

java.lang.IllegalArgumentException: There is no PasswordEncoder mapped for the id "null

NOTE: I am already storing encrypted password in database so no need to encode again in UserDetailsService.

In the Spring security 5 documentation they suggested you can handle this exception using:


If this is the fix then where should I put it? I have tried to put it in PasswordEncoder bean like below but it wasn't working:

DelegatingPasswordEncoder def = new DelegatingPasswordEncoder(idForEncode, encoders);

MyWebSecurity class

public class SecurityConfiguration extends WebSecurityConfigurerAdapter {

    private UserDetailsService userDetailsService;

    public PasswordEncoder passwordEncoder() {
        return PasswordEncoderFactories.createDelegatingPasswordEncoder();

    public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {

    public void configure(WebSecurity web) throws Exception {


    public AuthenticationManager authenticationManagerBean() throws Exception {
        return super.authenticationManagerBean();

MyOauth2 Configuration

protected static class AuthorizationServerConfiguration extends AuthorizationServerConfigurerAdapter {

    public TokenStore tokenStore() {
        return new InMemoryTokenStore();

    private AuthenticationManager authenticationManager;

    public TokenEnhancer tokenEnhancer() {
        return new CustomTokenEnhancer();

    public DefaultAccessTokenConverter accessTokenConverter() {
        return new DefaultAccessTokenConverter();

    public void configure(AuthorizationServerEndpointsConfigurer endpoints)
            throws Exception {

    public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
                .scopes("read", "write")
                .authorizedGrantTypes("password", "refresh_token")

Please guide me with this issue. I have spend hours to fix this but not able to fix.

Best Answer

When you are configuring the ClientDetailsServiceConfigurer, you have to also apply the new password storage format to the client secret.

