Frequently Asked Questions About the Authorization Microservice
Q) How are authentication and authorization carried out?
A user is authenticated as a valid user when the entered username and the password match the registered data. A user is authorized based on the JWT token that is passed along with the request. The JWT token is expected to have a header + secret key + privileges of the user.
Only if there is a match in the secret key and if the privileges are aligned with the privileges of the service, the user is authorized to access the microservice.
Q) What if authentication and authorization fail?
If the authentication fails, the authorization check is not done. If the user is authenticated, but not authorized because of an invalid secret key or invalid privileges the user is denied to access the microservice
Q) What is standard roles and where it is used?
Standard roles are well defined roles and is assigned to an Infosys Equinox admin console user to access various resources in the admin.
2019-01-21 | PLK – Page created and content uploaded.