Token-based authorization with Ballerina
In the previous section, we discussed the Basic authentication method, which is the simplest way to authenticate and authorize a user. Basic authentication is not practical in a larger distributed system whose separate components are connected over a network: every time a user needs to access a resource, the resource function has to verify the user by calling an authorization server.
Instead of calling an auth server for each request, a token-based authentication method uses a token to access services, so the system never has to handle the user's username and password once the token has been issued. Tokens are temporary keys that can be validated with a public key published by the token generator. Relying on the username and password is more vulnerable, since these remain unchanged for a long time; tokens are comparatively short-lived, and their access can be revoked in case of a security threat.
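As an added example (not code from the original text), the following Ballerina service validates each request's JWT locally against the token generator's published certificate, so no authorization server is called per request; the issuer, audience, certificate path and scope name are assumptions for illustration.

```ballerina
import ballerina/http;

// Added example, not from the original text. The listener checks every
// request's bearer JWT before the resource function runs: signature against
// the issuer's public certificate, `iss`/`aud` claims, and `exp` (token
// lifetime), plus the required scope. Issuer, audience, certificate path
// and scope are assumed values.
@http:ServiceConfig {
    auth: [
        {
            jwtValidatorConfig: {
                // Reject tokens minted by anyone other than the expected
                // issuer or addressed to a different audience.
                issuer: "example-issuer",
                audience: "orders-service",
                // Tolerate small clock differences (in seconds) when the
                // token's expiry is checked.
                clockSkew: 60,
                // Public certificate published by the token generator; the
                // service never needs the private key or the user's password.
                signatureConfig: {
                    certFile: "./resources/issuer-public.crt"
                }
            },
            // The token's `scope` claim must contain this value.
            scopes: ["orders:read"]
        }
    ]
}
service /orders on new http:Listener(9090) {
    // Only reached when the JWT is valid, unexpired and carries the scope.
    resource function get .() returns string {
        return "authorized";
    }
}
```

A request without a token, with an expired token, or with a token signed by a key that does not match the certificate is rejected before the resource function runs.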
In this section, we will discuss different...