5

I want to develop an application using microservices architecture. I'm really new at microservices and until now I've only worked with monolithich approach.

What I would like to do is to have a microservice which takes care of user authentication and have Proxy APIS to authorize the requests.

Authorizing the request in the Proxy API is pretty well documented on the IdentityServer4 docs, but, when the proxy api passes the request to the end microservice how do I authorize this request?

I know that if I setup the end microservice correctly, the same token used in the proxy api can be used to authorize the request at the end microservice. But how do I pass it? Do I grab the token from the request in the Proxy API and pass it down to the end microservice just like that? is it a good practice to do this?

Or is it a better option to block the end microservice to receive only requests from my proxy apis and have no authorization logic there?

PD: I would like to use asp.net-core

Improve this question

1 Answer 1

Reset to default
0

I know that if I setup the end microservice correctly, the same token used in the proxy api can be used to authorize the request at the end microservice. But how do I pass it? Do I grab the token from the request in the Proxy API and pass it down to the end microservice just like that? is it a good practice to do this?

Yes, it is very common to pass the JWT (or any) to pass around, proxy --> service --> proxy --> service.

And each layer can augment the token with additional details like UniqueId (for example when a request hits the first for the first time to track the chain of interactions, circuit breakers etc)

If you are application consists of multiple languages (frameworks), this approach really helps as you don't need to reimplement the authentication in each language and let proxy handle it, this especially useful with container architecture, just make sure that you leave proxy as light weight as possible, you can look into ideas based on Lyft's Envoy proxy.

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.