by akbar501 4130 days ago
Questions for Tom:

1.) How are you handling auth? Are you using a homegrown solution or using OpenID Connect + OAuth 2.0?

2.) Is the JWT behind the firewall using a pre-shared key?

3.) What does the public token look like and how does the API Gateway perform auth? Does the token passed into the API Gateway contain only a user id? And does the API Gateway have to perform a database query to populate the full user object?

Side note: Thanks for writing the article.