Búsqueda avanzada

Easy security management over microservices architectures based on OpenAPI Specification


Nowadays, many developers around the world use RESTful APIs along microservices architectures. These APIs are increasingly being described using the OpenAPI Specification standard. Moreover, they usually require some level of security. However, maintaining security settings across the entire architecture can be a time-consuming task. For example, adding a new role to the application may lead to modifying the settings for each API. This approach presents various drawbacks, such as low scalability. We have found this problem while working on an institutional web page. This is why we are developing an extension for OpenAPI which allows for easier security management on microservices applications. Furthermore, the in-progress Node.js module will perform automatic validation of JSON Web Tokens. JWTs are a simple and standard way to implement access control. Using them along with the aforementioned extension will greatly reduce development time. By providing some configuration parameters, a single API or a whole infrastructure will be more secure. This will also cause bigger applications to be more scalable and easy to maintain.

Palabras Clave:

API - Extension - microservices - OpenAPI - REST - security - Standard





Este artículo tiene una licencia de uso CreativeCommons - Reconocimiento (by)

Descarga el artículo haciendo click aquí.