re: Be careful of the JWT hype train VIEW POST

VIEW PARENT COMMENT VIEW FULL DISCUSSION
 

API Gateway? Sounds more like an auth server.
"The JWT can also be passed to subsequent services if needed on behalf of the parent service.", that's a risk not a feature.

 

i havent dealt with this situation before
but what the auth api gateway .. will hand to the services ? the user id right ? will that be on the header ?
thank you

code of conduct - report abuse