The microservice architectural style, being distributed by design, gives us better options when it comes to protecting valuable business-critical systems. Traditional .NET-based authentication and authorization techniques are not sufficient, and they cannot be applied to the microservices world. We also saw why secure token-based approaches, such as OAuth 2.0 and OpenID Connect 1.0, are becoming concrete standards for microservice authorization and authentication.
Azure AD can support OAuth 2.0 and OpenID Connect 1.0 very well. Azure API Management can also act as an API gateway in microservice implementation, and it provides nifty security features, such as policies.
Azure AD and Azure API Management provide quite a few powerful features so that we can monitor and log the requests that are received. This is quite useful, not only for security, but also for tracing...