How We Solved Authentication and Authorization in Our Microservice Architecture

 

At Andela, we have multiple internal apps, built by the internal Engineering teams, that are used to manage internal processes and to make us more efficient. As time passed, the number of apps increased, and each app had to evolve to enable us to handle our growth. We started experiencing a number of pain points (documented here), which forced us to look towards microservices for salvation. If you want to know more about our microservice journey thus far, I recommend you check out the Scalable Architecture with EventSourcing and CQRS, Antifragile Microservice, and From Monolith to Microservices blog posts.

Building Blocks of our authentication/authorization layer

Our architecture has a number of building blocks working together to achieve a robust authentication/authorization layer.

 

FrontEnd Apps

Each app (skilltree, kaizen, pulse, allocations) is independent and written in a different frontend framework. The login page for each app is similar and simple. Below is the login page for the allocations app.

 

To log in, the user just clicks the Login with Google button, which is a link to `http://api-prod.andela.com/login?redirect_url=http://allocations.andela.com`. Once the user clicks the button, the login endpoint of the API gateway picks it up, performs all the necessary magic, logs the user in and redirects the user to the calling application.
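Because the destination arrives in the caller-supplied `redirect_url` parameter, the gateway has to decide which destinations it will honor before redirecting. The following is an added example, not Andela's code and not from the original post, of checking that parameter against an allowlist of app origins; every hostname other than `allocations.andela.com`, the fallback URL and the function names are assumptions.

```javascript
// Origins the gateway may send a user to after login.
// allocations.andela.com appears in the post; the other three hosts are
// assumed from the app names and are not taken from the post.
const ALLOWED_REDIRECT_ORIGINS = new Set([
  'http://allocations.andela.com',
  'http://skilltree.andela.com', // assumed
  'http://kaizen.andela.com',    // assumed
  'http://pulse.andela.com',     // assumed
]);

// Assumed fallback used whenever redirect_url is missing or rejected.
const DEFAULT_REDIRECT = 'http://allocations.andela.com/';

// Returns the URL the gateway should redirect to after a successful login.
function resolveRedirect(rawRedirectUrl) {
  if (typeof rawRedirectUrl !== 'string' || rawRedirectUrl.length === 0) {
    return DEFAULT_REDIRECT;
  }
  let parsed;
  try {
    // No base URL is given, so relative and scheme-relative input throws.
    parsed = new URL(rawRedirectUrl);
  } catch (err) {
    return DEFAULT_REDIRECT;
  }
  // Userinfo can make a foreign host look like an allowed one at a glance.
  if (parsed.username !== '' || parsed.password !== '') {
    return DEFAULT_REDIRECT;
  }
  // Compare the parsed origin (scheme, host, port) exactly. Prefix or
  // substring checks on the raw string would accept lookalike hosts.
  if (!ALLOWED_REDIRECT_ORIGINS.has(parsed.origin)) {
    return DEFAULT_REDIRECT;
  }
  // Redirect to the normalized form that was validated, not the raw input.
  return parsed.href;
}

// Hypothetical helper: pull redirect_url out of the login request URL.
function redirectForLoginRequest(requestUrl) {
  const query = new URL(requestUrl).searchParams;
  return resolveRedirect(query.get('redirect_url'));
}
```

The check is on the full origin, so a different scheme or port is treated as a different destination and falls back to the default.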

Source: How We Solved Authentication and Authorization in Our Microservice Architecture
