in our microservices we will have custom authentication / authorization service a.k.a. UAA right? It make me sense to have user controller for login, token verification or creating user.
But there is second use case. We also want have some user administration for adding favorites contacts to user, fill profile with some additional information, user addresses and so on. In second use-case I would like to have second micro-service for that purpose. What do you recommend or what is the best practice in for that?
have one micro-service for user management like his profile, his contacts, credentials and also login / token providing
have two micro-services - one for managing user credentials, token providing (uaa) and second for user additional info
have two micro-services - one for complete separated user management, and second for authentication, token providing, and will consume rest api of user service if it will need some user data, or verify user credentials
For me is 3. option fine for that but I would like to listen your opinions.
My recommendation is to have two microservices:
One for user management like his profile, his contacts, credentials. On this microservices users will create accounts, send reset password and so on.
one for authorization (ex: Oauth2 with JWT Token). This microservice will be used only for authorization (in case of ouath2 and JWT for generate JWT tokens based on username/mail and password).
When a user will create an account, a request with user credentials and permisions will be made to authorization microservice to notify that a new user was created. Same for user reset password or delete user.
The authorization microservice will receive that request and save user credentials and permisions in own database, example Redis or PosgreSQL. Every user that will login in your service/application will first call authorization microservice, will receive a jwt token that contain user metadata (name, role and other information) and using that token will send request to other microservices of your application/service, example for user management, orders service or other.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With