Reputation: 1242
Microservices jwt authentication Asp.net core 3
I got a confusion about making security of our micro-services with JWT (token)
I created a micro-service that gives me the token in response but what about the other micro-services
is it a correct way to pass the token in header request to each endpoint of each micro-service ?
thanks in advance.
Upvotes: 0
Views: 1180
Answers (1)
Reputation: 1394
One of the recommended way is to have an API gateway in place which can contact this micro-service you already have issuing JWT tokens and then it can add the token to the header of the request to the actual API call being made.
An API gateway provides highly available and thin layer between the client and micro services. One such API gateway which I can recommend: https://docs.traefik.io
Specifically, you can read about this section: https://docs.traefik.io/middlewares/forwardauth/
And a blog on the same which can guide you with a working example: here
Upvotes: 2
Related Questions
- .NET Core Authorize attribute with external JWT authentication microservice?
- .net core web api jwt
- Authentication between docker containers in microservices architecture, bypassing JWT auth for internal calls
- .Net Core microservice and inspecting Cognito JWT claims for use in authorization
- Microservice Authentication and Authorization using JWT
- Microservice communication security
- How to pass a JWT for a microservice and for a user
- Can we Protect 3 microservices api project with asp net identity jwt token?
- Authentication in microservices
- Client authentication in microservices using JWT and OpenID Connect