0
How to make a user authentication using the default API Gateway? I’ve read several articles but can’t find an example of code using Web API 2 and those I’ve seen using the Asp net core only makes the first authentication of the user, ie as is the context of the user logged in in Microservices "interns", follows scenario:
- Microservice of Sales
- Microservice of Stock
Imagine that users may or may not access the two microservices and each user has one account identified with a Guid, my question is how "Api Gateway" authenticates the user and sets its context so that internal Microservices can identify which resources it has access to.
Can this authentication be done by tokens? Look at this diagram: https://docs.microsoft.com/en-us/dotnet/standard/microservices-architecture/secure-net-microservices-web-applications/media/image.png. See security implementation for Service Basket and Catalog
– William John Adam Trindade
Yes, it can be done via Token, in fact the Authentication Server already returns a token, but how to make the other Apis recognize this token that is my problem. Thanks for helping me.
– DouglasMendes
You evaluated the use of Identityserver4. It is an opensource authentication framework that covers your scenario.
– William John Adam Trindade
You can use the Ocelot or Steeltoe. In the Microsoft documentation you can find some tips link
– paulohenriquevn