Reputation: 339
Microservice Authentication and Authorization using JWT
I have created two microservices Let A and B. Every microservice having its own database and its user table for storing username and password. I am maintaining same Signing key for generating key in all microservice.
User of A microservice can access secure api of its microservice easily. But suppose i want to access secure api of B microservice then it will give me error while setting authentication object in spring security context using UserDetailsService because A microservice user is not exist in B microservice User table.
What i have to do for maintaining secure api communication between microservices with JWT Token?
Upvotes: 2
Views: 1342
Answers (1)
Reputation: 303
In Micro-service architecture we need to have a separate Micro-service Auth Service. All the request would be validated against this Auth service at API Gateway. Auth service would return JWT for valid requests and that would be passed to all micro-services.
You can refer below for better understanding:
https://microservices.io/patterns/security/access-token.html https://microservices.io/patterns/apigateway.html
Upvotes: 1
Related Questions
- Handling authentication of microservice at Gateway service in Spring boot
- Spring/spring boot authorisation using JWT tokens
- How to handle the authentication between microservices when the application originates the call
- How to add Jwt Token based security In Microservices
- Adding JWT to Spring Boot Microservices
- Authentication between microservice approach
- How to consume a JWT secured microservice from another microservice Java
- How to Authorize micro-services internal communication?
- Spring boot microservice with OAuth 2 and JWT for Security
- SpringCloud Microservices JSON Web Token (JWT) Security