Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Authorization / Authentication #2

Open
torniker opened this issue Jun 7, 2018 · 1 comment
Open

Authorization / Authentication #2

torniker opened this issue Jun 7, 2018 · 1 comment

Comments

@torniker
Copy link

torniker commented Jun 7, 2018

What is the best way to implement Authorization / Authentication for this architecture?
@tinrab
Copy link
Owner

tinrab commented Jun 9, 2018

The best way would be to have a separate service and include its definitions in each service that needs to authenticate requests. In a world of microservices, you could create a service that has a database of users and exposes endpoints for logins and authorizations. Another service can call this service whenever a request needs to be authenticated. But when you only need to verify JWT tokens, you cache certificates in a specific service and save on a couple of roundtrips. Overall, I'm not sure. It's sort of complicated and there are many ways of achieving this.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@torniker @tinrab