How do I approach authentication in a microservice architecture?

Question

0.00/5 (No votes)

See more:

, +

Hi,

I'm planning to write a few api's to improve my programming knowledge. But as a starter I'm thinking about authentication. I've been searching for a solution, but I'm wondering if there are better options. What I want to achieve is to have a AuthenticationAPI which handles the authentication. I want to have a kind of a microservice architecture with a few small app's/api's. The authentication (and authorisation) should be handled by the AuthenticationAPI.

What I have tried:

While searching for a solution, I ended up with IdentityServer. Which can generate a token, which can be "shared" across other app's/api's. Each app/api can check with the AuthenticationAPI if the token is still valid.

But I'm wondering if there are better options for such a architecture? Could anyone provide some other options? That would be highly appreciated.

Posted 28-Sep-17 9:49am

Cas Dijkstra

Updated 6-Jan-19 22:57pm

Add a Solution

Comments

Nathan Minier 29-Sep-17 7:50am

I live in an MS world, so we just use AD and Kerberos. If you have a backend infrastructure, LDAP is a well-supported and inter-operable mechanism for managing AAA actions that supports SSO.

1 solution

Add a Solution

Add your solution here

Treat my content as plain text, not as HTML

Preview 0

…

Existing Members

Sign in to your account

...or Join us

Download, Vote, Comment, Publish.

Your Email
Password
Forgot your password?

Your Email
This email is in use. Do you need your password?
Optional Password

I have read and agree to the Terms of Service and Privacy Policy
Please subscribe me to the CodeProject newsletters

When answering a question please:

Read the question carefully.
Understand that English isn't everyone's first language so be lenient of bad spelling and grammar.
If a question is poorly phrased then either ask for clarification, ignore it, or edit the question and fix the problem. Insults are not welcome.
Don't tell someone to read the manual. Chances are they have and don't get it. Provide an answer or move on to the next question.

Let's work to help developers, not make them feel stupid.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

Aydin Homay · Answer 1 · 2019-01-06T22:57:00

Solution 1

IdentityService is the best solution so far I know because it allows you to make service to service authentication and service to consumer authenitcation. I have used it in serveral projects successfully and got a good results.

Posted 6-Jan-19 22:57pm

Aydin Homay