Implementing SSO in Microservice
Hello everyone! I hope you're all doing great wherever you are.
I'm fairly new to C# and currently trying to get a clearer understanding of SSO in a microservices environment. I’ve read quite a bit online, but I’m still unsure about the best approach.
In my case, I’m looking at a setup where companies are linked to entities, and each company has its own employees with specific access to different endpoints across multiple microservices. When it comes to handling full claims-based authentication and authorization in this kind of architecture, what would you recommend?
Some articles suggest having a dedicated SSO microservice and calling it on every endpoint request to fetch claims—but wouldn’t that put a lot of load on the SSO service if every microservice hits it constantly? Others recommend using solutions like OpenID Connect, but I’d love to hear real-world suggestions or best practices.
Any guidance would be truly appreciated—I’m a bit confused and trying to find the most practical path forward. Thanks in advance!