Scalable Access token based Authentication

Atharv SankpalAtharv Sankpal
1 min read

Monolithic Applications

For monolithic applications using a simple middleware to check for authentication via correct access token is enough to have our private routes secured

We can use symmetric encryption techniques like AES(advanced encryption standard)

Microservices based Applications

For microservices based applications we can have a separate service for authentication which will use asymmetric encryption algorithm for the encryption

The private key by the the auth service can be used to sign the tokens.

The public key can be used by other services for verifying the user in order to give access to the protected routes.
The public key can be shared by auth service via it’s own API for other services to access it.
The public key can be cached by other services also in order to reduce latency

However asymmetric encryption algorithms like RSA are slow in the relation with that of symmetric encryption algorithms, they provide us a secured system to build a scalable microservice based system.

image credits to Coder’s Gyan on yt

##

0
Subscribe to my newsletter

Read articles from Atharv Sankpal directly inside your inbox. Subscribe to the newsletter, and don't miss out.

SecurityJWT

Written by

Atharv Sankpal
Atharv Sankpal

Welcome to my blog! My name is Atharv and I am a developer with a passion for web development with strong understanding of data structures and algorithms (DSA). Recently, I have also been exploring the exciting world of app development and would likely also explore artificial intelligence/machine learning (AI/ML). I am constantly learning and experimenting with new technologies, and I enjoy sharing my knowledge and experience through this blog. You can expect to find a variety of posts on topics such as web development best practices, DSA tips and tricks, and my journey as I dive deeper into the world of app development and hopefully AI/ML. Thank you for visiting and I hope you find my blog informative and engaging. I would love to hear from you, so please feel free to leave comments or reach out to me with any questions or feedback.