Code Monkey home page Code Monkey logo

microprofile-jwt-auth's Introduction

JWT RBAC for MicroProfile

Introduction

Today, the most common solutions involving RESTful and microservices security are based on OpenID Connect(OIDC), OAuth2 and JSON Web Token (JWT) standards.

This specification outlines how the signed JWT tokens issued by OIDC and other trusted providers can be verified and their claims used for role based access control(RBAC) of microservice endpoints.

Motivation

For RESTful based microservices, security tokens in a JWT format offer a lightweight and interoperable way to propagate identities across different services, where:

  • Services don’t need to store any state about clients or users

  • Services can verify and introspect the token locally if it follows a JWT format or remotely with the trusted provider.

  • Services can identify the caller and verify a given service is indeed an indended audience of the token.

  • Services can enforce authorization policies based on the information within the token.

  • Services can use the token for both delegation and impersonation of identities.

Documentation

For links to the latest maven artifacts, Javadoc and specification document, see the latest release.

microprofile-jwt-auth's People

Contributors

starksm64 avatar sberyozkin avatar eclipse-microprofile-bot avatar dblevins avatar radcortez avatar ayoho avatar jeanouii avatar emily-jiang avatar andreas-eberle avatar brutif avatar doychin avatar eclipsewebmaster avatar jgauravgupta avatar johnament avatar mikecroft avatar teddyjtorres avatar vsmid avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.