Reputation: 1
Spring/spring boot authorisation using JWT tokens
Looking for suggestions on how to go about with microservices authorisation.
I'm using the spring/spring boot for all them microservices
I'm able to authenticate via spring cloud gateway before reaching the actual microservices using JWT tokens however when it comes to authorisation i'm unsure on how to do it.
I would like handle the authorisation internally for each of the endpoints in the business microservice.
Is there a way to pass the JWT token to the microservice or do i need to call the authserver to get the roles within the user ?
Upvotes: 0
Views: 71
Answers (1)
Reputation: 3197
Actually, both works.
You can put the roles in the token, when you need it, decode it. Or decode it in the gateway and pass it all the way.
If you don't want to put too much data in the token, you can call the auth server as needed.
Upvotes: 1
Related Questions
- Handling authentication of microservice at Gateway service in Spring boot
- How to handle the authentication between microservices when the application originates the call
- How to add Jwt Token based security In Microservices
- Adding JWT to Spring Boot Microservices
- Microservice Authentication and Authorization using JWT
- How to consume a JWT secured microservice from another microservice Java
- How to Authorize micro-services internal communication?
- Implementing JWT Authentication on Spring Boot APIs
- Spring boot microservice with OAuth 2 and JWT for Security
- SpringCloud Microservices JSON Web Token (JWT) Security