Reputation: 23
Is it a best practice to have auth as a separate service in a microservice architecture application?
I saw that in some microservices apps, authentication is built into each microservice.
Upvotes: 0
Views: 1860
Reputation: 76
Your question is not very specific. Hence, generally speaking, the short answer is yes.
One of the principles you should follow when implementing a microservices architecture is to avoid duplication of responsibilities, especially on a functional level.
Authentication is no exception to this. On the contrary, it's a critical function that you typically want to centralize. There are different patterns that can help with ensuring that authentication and authorization are implemented in a consistent way across all services, most commonly using an API gateway.
Upvotes: 0
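The pattern this answer describes, with one auth service issuing credentials and an API gateway enforcing them for every service, shown as an added example that is not part of the original answers. The HMAC token format, the demo key and all function names are assumptions made for illustration; the business service contains no credential or token-parsing logic at all.

```python
import base64, hashlib, hmac, json, time

# Assumption: the signing key is held by the auth service and the gateway only.
SIGNING_KEY = b"constructed-demo-key-not-for-production"

def b64(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def sign(payload: str) -> str:
    return b64(hmac.new(SIGNING_KEY, payload.encode(), hashlib.sha256).digest())

def issue_token(user: str, roles: list, ttl: int = 300, now: float = None) -> str:
    """Auth service: the only component that checks credentials and signs tokens."""
    now = time.time() if now is None else now
    claims = {"sub": user, "roles": roles, "exp": int(now) + ttl}
    payload = b64(json.dumps(claims).encode())
    return f"{payload}.{sign(payload)}"

def gateway_authenticate(token: str, now: float = None):
    """API gateway: verify the token once; return its claims, or None to reject."""
    now = time.time() if now is None else now
    try:
        payload, sig = token.split(".")
        if not hmac.compare_digest(sig, sign(payload)):
            return None  # tampered payload or signed with a different key
        padded = payload + "=" * (-len(payload) % 4)
        claims = json.loads(base64.urlsafe_b64decode(padded))
    except (ValueError, TypeError, AttributeError):
        return None  # malformed token
    return claims if claims.get("exp", 0) > now else None  # reject expired tokens

def orders_service(claims: dict) -> str:
    """Business service: receives verified claims, makes only an authorization decision."""
    if "orders:read" not in claims["roles"]:
        return "403"
    return f"200 orders for {claims['sub']}"

def handle_request(token: str, now: float = None) -> str:
    """Request path: gateway first, business service only if authentication passed."""
    claims = gateway_authenticate(token, now)
    return "401" if claims is None else orders_service(claims)
```

Adding a second business service means writing another function like `orders_service`; the verification code in the gateway is not copied.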
Reputation: 25909
Yes - you'd usually want to authenticate in a separate service (many times this can be an external service). Besides the obvious reason of duplication, the more important reason for that is security.
Getting authentication right can be a challenge (just search for OAuth, OpenID and/or SAML), not to mention registration flows for new users, revoking access, etc.
Upvotes: 3