You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Microservice architectures require a large number of public and private APIs serviced by many individual services. Internal services may directly service public APIs, but don't need the added responsibility of handling multi-tenancy or authentications. These still need to be authenticated, though the endpoints should not be duplicated through an authenticated public API.
Auxy handles authentication and multi-tenancy as an authenticated internal API proxy. It handles authentication at the edge, but only proxies requests internally instead of duplicating them reducing memory pressure, common object dependencies, serialization/deserialization, and development complexity.
Workflow
Requests come in to the public API fronted by Auxy
Auxy handles an existing authentication token or credentials
Auxy checks the validity of these credentials or token
If they are invalid requests are denied at the edge
If they are valid Auxy adds a tenant or user identifier header to the request
Auxy checks the request path and proxies the request to the appropriate service
MVP
Handle basic auth
Handle adding and validating an auth token
Basic DB support with migrations for a user and/or tenant table for authentication
File based config for proxy paths to services
Instead of proxy paths this proxy could be just middleware. If any multi-target proxying is needed routing could be done behind this proxy.
Additional Features
OAuth support from Google, Twitter
Additional DB support (DynamoDB?)
The text was updated successfully, but these errors were encountered:
Business Case
Microservice architectures require a large number of public and private APIs serviced by many individual services. Internal services may directly service public APIs, but don't need the added responsibility of handling multi-tenancy or authentications. These still need to be authenticated, though the endpoints should not be duplicated through an authenticated public API.
Auxy handles authentication and multi-tenancy as an authenticated internal API proxy. It handles authentication at the edge, but only proxies requests internally instead of duplicating them reducing memory pressure, common object dependencies, serialization/deserialization, and development complexity.
Workflow
MVP
Additional Features
The text was updated successfully, but these errors were encountered: