April 2018
Intermediate to advanced
432 pages
10h 38m
English
We have already discussed some concepts and solutions related to authentication in a microservices environment. I have shown you the examples of basic and SSL authentication between microservices and a service discovery, and also between microservices and a config server. In inter-service communication, authorization seems to be more important then authentication, which is instead implemented on the edge of the system. It's worth understanding the difference between authentication and authorization. Simply put, authentication verifies who you are, while authorization verifies what you are authorized to do.
Currently the most popular authorization methods for RESTful HTTP APIs are OAuth2 and Java Web Tokens (JWT