C#•4y ago•

2 replies

❔ Best Approach to Implement Authentication and Authorization in Microservices with ASP.NET Core

Hi friends,
I'm looking for experience share.
I have Microservices architecture project, that uses

EF Core 7

EF Core 7

and the Microservices are

ASP.NET Core 7 API

ASP.NET Core 7 API

.
Each service has its own database on

SQL Server

SQL Server

and it uses

EF Core

EF Core

.
I make a unified entry poiint to my Microservices project by using an

API Gateway

API Gateway

using

Ocelot

Ocelot

.

Now, I want to add the

Authentication

Authentication

, is should I create a separate

Microservice

Microservice

that will be responsible about he Authentication process and mapp it in the

API Gateway

API Gateway

(and make the other services free, without authentication)?
OR should I add the

Authentication

Authentication

for each service itself?
OR is there any best practice or good suggestion for this case ?

Note: I want to use the

JWT

JWT

and

Refresh Token

Refresh Token

mechanism for the authentication.

Please share with me your experience, and massive thanks in advance <3