Reputation: 91
Spring boot microservice with OAuth 2 and JWT for Security
I am developing a Spring boot application for payment using microservices, which will be consumed by mobile application and web application.
1) Users need to be authenticated for accessing the mobile app
2) Third party mobile apps using my services need to be authenticated (with my app)
3) Web applications using my services need to be authenticated.
My user details will be there in DB or LDAP. I have plans for integrating IBM API management and the deployment will be in on-premise servers. Based on this requirement how I need to design and implement my solution?
After going through different blogs I am confused now. So a proper guidance will be very helpful for me.
Upvotes: 0
Views: 1839
Answers (1)
Reputation: 17049
Your question is a bit vague or too broad, but ... Using LDAP does not scale well, consider using NoSQL alternatives as those are closer to the principles of microservices. See:
- Microservice Authentication strategy
- http://presos.dsyer.com/decks/microservice-security.html#slide6
- https://www.quora.com/Microservices/How-do-I-handle-authentication-in-a-microservices-architecture-with-the-front-end-decoupled-too
Upvotes: 1
Related Questions
- Why Does OAuth v2 Have Both Access and Refresh Tokens?
- How to configure port for a Spring Boot application
- What are the main differences between JWT and OAuth authentication?
- Spring Boot - how to communicate between microservices?
- Disable or bypass OAuth security for microservice-to-microservice communication in Spring Boot
- How does OAuth 2 protect against things like replay attacks using the Security Token?
- ,web api call from spring boot microservice
- JWT Authorization in Microservices with Spring boot
- Microservice project structure using Spring boot and Spring Cloud