Thank you for reading and sorry for the late reply. I think that what you want to accomplish is authorization, that is a step further than authentication.
One solution I can think of is making the auth guard aware of the microservice calling it. That way you could send to the auth microservice the token and the microservice the user is trying to access. Then you would need a place to look for user/microservices permissions and can return a response based on that.
For further actions, you may consider blocking this person and/or reporting abuse
We're a blogging-forward open source social network where we learn from one another
Thank you for reading and sorry for the late reply. I think that what you want to accomplish is authorization, that is a step further than authentication.
One solution I can think of is making the auth guard aware of the microservice calling it. That way you could send to the auth microservice the token and the microservice the user is trying to access. Then you would need a place to look for user/microservices permissions and can return a response based on that.