Reputation: 133
What is a Resource Server when it comes to Microservices?
I am very confused about what is Resource Server in oAuth 😐.
Is Resource Server something like API Gateway? or is Resource Server a business type of Microservice like for example "search microservice", "shopping cart microservice"?
If I have Authorization Server, API Gateway, and 15 business type Microservices behind the API gateway, does it mean I have 15 Resource Servers?
Upvotes: 4
Views: 1598
Answers (1)
Reputation: 23436
A resource server in OAuth2 terminology is the service where the client uses the access token to manipulate the user's data.
Whether you have 15 resource servers depend on who does the token validation. If you're API gateway is validating the access token before relaying the request, then you your API gateway would be the resource server. If every microservice validates its own token, then you would have 15 resource servers.
Upvotes: 5
Related Questions
- Spring boot micro services rest API security
- Microservices resource management
- What is resource server in OAuth2 using spring cloud micro-service
- OAuth 2.0 In Microservices: When a resource server communicates with another resource server
- Securing micro-service spring cloud security Oauth2
- Oauth 2 : Spring Boot - Separate Resource server protecting Microservices
- Inter-service communication with Spring Boot and OAuth2
- OAuth2 authetication server and resource server using Spring boot
- Microservices and Spring Security OAuth2
- Spring Security OAuth2 AuthorizationServer