Over the past few years, we have seen a variety of options emerging for end-user authentication and authorization to microservices deployed in a Kubernetes cluster. Should you use JWT, Session keys, mTLS, identity providers, cloud-based, SaaS, or OSS solutions? With such a variety, it's easy to get overwhelmed!
In this talk, we will use a demo application to establish a clear set of best practices that you can follow to authenticate your users and authorize their requests across multiple microservices leveraging internal and external IDPs.
We will consider the latest open-source components in the Kubernetes ecosystem that you can deploy to simplify your access control systems significantly.