Answer the question
In order to leave comments, you need to log in
What are the ways to cross-authorize between microservices?
The bottom line is, there are three microservices.
One authorization service sends a jWT token to the client.
And the other two, each of which has its own authentication using cookies, set other authorization methods are not provided there.
What are the ways, something like cross-authorization, when the client logs in to one microservice and automatically receives the necessary cookies for two others?
I thought about trying gateway, but I don’t understand how to get cookies for two other third-party microservices at once.
Answer the question
In order to leave comments, you need to log in
If all microservices hang as subdomains on the same domain, then do authorization, for example, on example.com, set a cookie on the ".example.com" domain - pay attention to the dot at the beginning - and this cookie can be read from any subdomain. If the domains are different, then just make a single authorization center, in fact, as it was done on the toaster here for example.
We screwed the keycloak.
It's tough, but it works.
Users can walk between their deployed solutions, use the same authorization for the solution admin and wiki.
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question