Spring Security has been modernizing its authorization API over the past five years. This modernization has enabled new features like Authorized POJOs and value masking, with Multi-Factor Authentication planned for Spring Security 7. Consequently, most of the old Access API has been deprecated. The Access API includes components such as AccessDecisionManager, AccessDecisionVoter, and FilterSecurityInterceptor, along with configuration elements like @EnableGlobalMethodSecurity. Spring Security's reference guide details the benefits of this evolution and provides migration guidance. To allow more time for organizations to transition, Spring Security 7.0.0-M3 will introduce a new optional module named spring-security-access. This module will house the deprecated elements of the Access API. Developers only need to include this module if they are still utilizing AccessDecisionManager, AccessDecisionVoter, FilterSecurityInterceptor, or @EnableGlobalMethodSecurity. If an application already uses AuthorizationManager, no changes are necessary.