diff --git a/crates/axum-utils/src/client_authorization.rs b/crates/axum-utils/src/client_authorization.rs
index 9b84148d..f7fed611 100644
--- a/crates/axum-utils/src/client_authorization.rs
+++ b/crates/axum-utils/src/client_authorization.rs
@@ -257,12 +257,13 @@ where
 {
     type Rejection = ClientAuthorizationError;
 
+    #[allow(clippy::too_many_lines)]
     async fn from_request(req: &mut RequestParts<B>) -> Result<Self, Self::Rejection> {
         let header = TypedHeader::<Authorization<Basic>>::from_request(req).await;
 
         // Take the Authorization header
         let credentials_from_header = match header {
-            Ok(header) => Some((header.username().to_string(), header.password().to_string())),
+            Ok(header) => Some((header.username().to_owned(), header.password().to_owned())),
             Err(err) => match err.reason() {
                 // If it's missing it is fine
                 TypedHeaderRejectionReason::Missing => None,
@@ -423,7 +424,7 @@ mod tests {
                 .unwrap(),
             ClientAuthorization {
                 credentials: Credentials::None {
-                    client_id: "client-id".to_string(),
+                    client_id: "client-id".to_owned(),
                 },
                 form: Some(serde_json::json!({"foo": "bar"})),
             }
@@ -453,8 +454,8 @@ mod tests {
                 .unwrap(),
             ClientAuthorization {
                 credentials: Credentials::ClientSecretBasic {
-                    client_id: "client-id".to_string(),
-                    client_secret: "client-secret".to_string(),
+                    client_id: "client-id".to_owned(),
+                    client_secret: "client-secret".to_owned(),
                 },
                 form: Some(serde_json::json!({"foo": "bar"})),
             }
@@ -482,8 +483,8 @@ mod tests {
                 .unwrap(),
             ClientAuthorization {
                 credentials: Credentials::ClientSecretBasic {
-                    client_id: "client-id".to_string(),
-                    client_secret: "client-secret".to_string(),
+                    client_id: "client-id".to_owned(),
+                    client_secret: "client-secret".to_owned(),
                 },
                 form: Some(serde_json::json!({"foo": "bar"})),
             }
@@ -550,8 +551,8 @@ mod tests {
                 .unwrap(),
             ClientAuthorization {
                 credentials: Credentials::ClientSecretPost {
-                    client_id: "client-id".to_string(),
-                    client_secret: "client-secret".to_string(),
+                    client_id: "client-id".to_owned(),
+                    client_secret: "client-secret".to_owned(),
                 },
                 form: Some(serde_json::json!({"foo": "bar"})),
             }
diff --git a/crates/axum-utils/src/cookies.rs b/crates/axum-utils/src/cookies.rs
index 3b80de39..346b932d 100644
--- a/crates/axum-utils/src/cookies.rs
+++ b/crates/axum-utils/src/cookies.rs
@@ -30,6 +30,7 @@ pub trait CookieExt {
     where
         T: DeserializeOwned;
 
+    #[must_use]
     fn encode<T>(self, t: &T) -> Self
     where
         T: Serialize;
diff --git a/crates/axum-utils/src/lib.rs b/crates/axum-utils/src/lib.rs
index 8281126d..de6f79c4 100644
--- a/crates/axum-utils/src/lib.rs
+++ b/crates/axum-utils/src/lib.rs
@@ -12,6 +12,11 @@
 // See the License for the specific language governing permissions and
 // limitations under the License.
 
+#![forbid(unsafe_code)]
+#![deny(clippy::all, clippy::str_to_string, rustdoc::broken_intra_doc_links)]
+#![warn(clippy::pedantic)]
+#![allow(clippy::module_name_repetitions, clippy::missing_errors_doc)]
+
 pub mod client_authorization;
 pub mod cookies;
 pub mod csrf;
diff --git a/crates/axum-utils/src/session.rs b/crates/axum-utils/src/session.rs
index d3b2bdce..9e3af970 100644
--- a/crates/axum-utils/src/session.rs
+++ b/crates/axum-utils/src/session.rs
@@ -62,8 +62,13 @@ impl SessionInfo {
 }
 
 pub trait SessionInfoExt {
+    #[must_use]
     fn session_info(self) -> (SessionInfo, Self);
+
+    #[must_use]
     fn update_session_info(self, info: &SessionInfo) -> Self;
+
+    #[must_use]
     fn set_session(self, session: &BrowserSession<PostgresqlBackend>) -> Self
     where
         Self: Sized,
diff --git a/crates/axum-utils/src/user_authorization.rs b/crates/axum-utils/src/user_authorization.rs
index ffdc2634..1947e8b5 100644
--- a/crates/axum-utils/src/user_authorization.rs
+++ b/crates/axum-utils/src/user_authorization.rs
@@ -218,7 +218,7 @@ impl Header for WwwAuthenticate {
         };
 
         let params = params.into_iter().map(|(k, v)| format!(" {}={:?}", k, v));
-        let value: String = std::iter::once(scheme.to_string()).chain(params).collect();
+        let value: String = std::iter::once(scheme.to_owned()).chain(params).collect();
         let value = HeaderValue::from_str(&value).unwrap();
         values.extend(std::iter::once(value));
     }
@@ -291,7 +291,7 @@ where
 
         // Take the Authorization header
         let token_from_header = match header {
-            Ok(header) => Some(header.token().to_string()),
+            Ok(header) => Some(header.token().to_owned()),
             Err(err) => match err.reason() {
                 // If it's missing it is fine
                 TypedHeaderRejectionReason::Missing => None,