Microservices Authentication and Authorization Solutions
Microservices Architecture brings many benefits to software applications, including small development teams, shorter development cycles, flexibility in language selection, and enhanced service scalability.
At the same time, many complex problems of distributed systems have also been introduced. One of the challenges is how to implement a flexible, secure and efficient authentication and authorization scheme in the Microservices Architecture. This article will try to conduct a more complete discussion on this issue.
Monolithic Application Authentication and Authorization
It has been confusing to differentiate between authentication and authorization. In fact, it is very simple.
- Authentication: Refers to verify who you are, so you need to use username and password for authentication.
- Authorization: Refers to what you can do, for example access, edit or delete permissions to some documents, and this happens after verification passes.
In the monolithic architecture, the entire application is a process. In the application, a security module is generally used to implement user authentication and authorization.