Token Service

Overview

Provides a centralized service to authorize and validate authentication tokens issued by our service fleet. All the information this service requires is initially provided through a request. Subsequent validations are served from an in-memory cache.

API Documentation

  • POST /api/tokens/authorize

    Given a token and the user associated with it, the service stores the credentials to be validated in future requests

  • POST /api/tokens/validate

    Validates if the token provided in the request was issued and authorized by this service

  • DELETE /api/tokens/invalidateUser/:userId

    Revoke every token associated with a given user id

  • DELETE /api/tokens/invalidateToken/:token

    Revoke the specific token provided in the request
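
The storage logic behind these four endpoints, as an added example that is not the service's own code: an in-memory JavaScript model that keeps a token-to-user index plus a user-to-tokens index, so that both revocation paths are direct lookups. The class name TokenStore, the SHA-256 digesting of tokens, the TTL and the injectable clock are assumptions made for illustration.

```javascript
// Added example, not the service's code: key layout, TTL and hashing are assumptions.
const { createHash } = require('crypto');

class TokenStore {
  constructor(ttlMs = 15 * 60 * 1000, now = () => Date.now()) {
    this.ttlMs = ttlMs;
    this.now = now;            // injectable clock so expiry can be tested
    this.byToken = new Map();  // sha256(token) -> { userId, expiresAt }
    this.byUser = new Map();   // userId -> Set of sha256(token)
  }
  // Keep only a digest so a dump of the cache does not yield usable tokens.
  static digest(token) {
    return createHash('sha256').update(String(token)).digest('hex');
  }
  // POST /api/tokens/authorize
  authorize(token, userId) {
    if (!token || !userId) throw new Error('token and userId are required');
    const uid = String(userId);
    const key = TokenStore.digest(token);
    this.drop(key);            // re-binding a token must not leave a stale index entry
    this.byToken.set(key, { userId: uid, expiresAt: this.now() + this.ttlMs });
    if (!this.byUser.has(uid)) this.byUser.set(uid, new Set());
    this.byUser.get(uid).add(key);
  }
  // POST /api/tokens/validate: user id, or null if unknown, revoked or expired
  validate(token) {
    const key = TokenStore.digest(token);
    const entry = this.byToken.get(key);
    if (!entry || entry.expiresAt <= this.now()) { this.drop(key); return null; }
    return entry.userId;
  }
  // DELETE /api/tokens/invalidateToken/:token
  invalidateToken(token) { return this.drop(TokenStore.digest(token)); }
  // DELETE /api/tokens/invalidateUser/:userId: returns how many tokens were revoked
  invalidateUser(userId) {
    const keys = [...(this.byUser.get(String(userId)) || [])];
    keys.forEach((key) => this.drop(key));
    return keys.length;
  }
  // Remove one entry from both indexes; true if it existed.
  drop(key) {
    const entry = this.byToken.get(key);
    if (!entry) return false;
    this.byToken.delete(key);
    const set = this.byUser.get(entry.userId);
    if (set.delete(key) && set.size === 0) this.byUser.delete(entry.userId);
    return true;
  }
}
```

With Redis as the backing store, the same two indexes map onto a string key per token digest and a set per user, and the TTL becomes a key expiry.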

Dependencies

The only external service used by this service is Redis.

Features in the pipeline

  • Instead of receiving a token to store, the service should generate its own JWT tokens for a given user; thus, token secrets and logic are all centralized in one place
  • This service could easily be enhanced to become a user service. User information, including credentials, will then be shared between services.
