7 Securing east/west traffic with JWT

This chapter covers

Using JWTs in securing service-to-service communications
Using JWT to carry user context among microservices
Using JWT for cross-domain authentication

In chapter 6, we discussed securing service-to-service communications in a microservices deployment with mTLS. mTLS is, in fact, the most popular option for authenticating one microservice to another. JSON Web Token (JWT), which provides a way to carry a set of claims or attributes from one party to another in a cryptographically secure way, also plays a key role in securing service-to-service communications in a microservices deployment.

You can use JWT to carry the identity of the calling microservice, or the identity of the end user ...

Get Microservices Security in Action now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Microservices Security in Action by Prabath Siriwardena, Wajjakkara Kankanamge Anthony Nuwan Dias

7 Securing east/west traffic with JWT

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly