Skip to main content.

Site Map

Site Map

Security

A microservice should implement security and authorize the caller for methods it exposes.

We have implemented (2) two types of security for our platform:

  • ASP.NET Core Identity - that provides authentication and authorization of requests using an industry standard.
  • Token-based Security (JWT) - that provides token-based authorization of requests for member microservices.

Default Roles

We define (2) two security roles for the platform:

  • ADMIN - Role used for administrators and synchronous communication using JWT tokens
  • USER - Role used for users registered with the system.

By default, all core APIs defined in the platform require a user with an ADMIN role. Additional customization using security policies allow you to use a wide range of authorization options to secure your application and services.

Microservice Membership

Each microservice developed is able to communicate in the infrastructure using JWT tokens. To participate, each microservice should only add the ServiceBrick.Security.Member NuGet package and call its related extension startup methods.

The token configuration defined in the applicationsettings file should be the same for all microservices. The following example shows how to configure the token:


{
    "ServiceBrick": {
        "Security": {
            "Token": {
                "ValidateIssuer": true,
                "ValidIssuer": "https://YourDomain.com",
                "ValidateAudience": true,
                "ValidAudience": "ServiceBrickAudience",
                "ValidateIssuerSigningKey": true,
                "ExpireMinutes": 1440,
                // Make sure to change this, generate 2 guids and strip characters
                "SecretKey": "768446B99503434DBA0EB19804E77763951D9D2D00F24BA4BE460396042FC5EF"
              }
        
        }
    }
}