In the last chapter, you learned about various ways of communication between microservices. Communication can be either of the two patterns, synchronous and asynchronous. This discussion leads us to a very interesting question, "How can one manage the security during a communication between microservices or with outer worlds?" Each service in the microservice architecture is defined to perform a set of functions. One more responsibility would be security communication, which is against the definition of microservices. Security is a major concern here in terms of authentication and authorization. In this chapter, we will dig more into the details of security of microservices.
In this chapter, we will cover the following topics:
- Security challenges in microservices
- Using JSON Web Token (JWT) along with OpenID and OAuth 2.0
- How JWT can implemented in a sample application
- Development of the credit scoring microservice