← Back to microservices patterns mapauth
🎫
Microservices Pattern
Token-Based Auth (JWT)
Use signed tokens to propagate identity and authorization claims.
Detailed Description
JWTs work well for stateless identity propagation.
Use short expirations, key rotation, and careful claim design.
Visual Diagram
Auth service issues JWT Client sends token Services validate signature locally
Tradeoffs
Pros
Stateless validation, works across services
Cons
Revocation and claim freshness are hard
Examples: jsonwebtoken, jose, Auth0, Keycloak, Cognito