Securing external communication
As we discussed in the previous section, OAuth2.0 is becoming the standard when it comes to securing APIs and microservices. In this section, we will see how we can implement OAuth 2.0-based security for microservices, with a few options that are available.
Implementing security at each microservice level
Given that microservices are developed by autonomous teams, they have the freedom to select the best technology stack for their respective microservices. At the same time, we have discussed that certain things need to be adhered to by all the microservices teams for better governance. Security is one such aspect that different teams need to agree on. It would help the clients of these services to follow a common, standards-based approach to consume these services.
Once the teams have agreed upon a certain approach—let's say, to use OAuth 2.0 as the security protocol to implement microservices—the next step is to implement...