DevOps Conference | December 02 - 05, 2019 in Munich 2019
The Conference for Continuous Delivery, Microservices,
Containers, Clouds and Lean Business

Microservice Authentication and Authorization

This talk originates from the archive. To the CURRENT program
August 15: ✓ Group Discount ✓ Raspberry Pi or Playstation Classic for free ✓ Save up to 510 € Register now

More talks in the program:

Tuesday, May 29 2018
11:45 - 12:45

In this talk we will look at how you can secure your microservices, we will identify the difference between authentication and authorization and why both are required. We will investigate some common patterns for request validation, including HMAC and JWT to avoid the confused deputy problem, and also how you can manage and secure secret information. Finally, we will see how we can leverage tools like the open source HashiCorp Vault as well as features from cloud providers like AWS and GCP, to keep your systems and users secure. Takeaways: 

  • Using JWT for Authz
  • How to implement two factor authentication into your applications
  • Securing microservice secrets 
  • Implementing TLS and MTLS
  • Securing database access, don’t be the next Equifax
  • Encryption in transit, secure your data
  • Building a secure secret access policy

Stay tuned:

Behind the Tracks


Kubernetes Ecosystem

Docker, Kubernetes & Co

Microservices & Software Architecture

Maximize development productivity

Continuous Delivery & Automation

Build, test and deploy agile

Cloud Platforms & Serverless

Cloud-based & native apps

Monitoring, Traceability & Diagnostics

Handle the complexity of microservices applications


DevSecOps for safer applications

Business & Company Culture

Radically optimize IT

Organizational Change

Overcome obstacles on the way towards DevOps

Live Demo #slideless

Showing how technology really works