Presentation

Microservice AuthN and AuthZ

Sep 15, 2019

Learn how you can use HashiCorp Consul and Vault to handle microservice authentication and authorization challenges.

Speakers

  • Nic Jackson

    Nic Jackson

    Developer Advocate, HashiCorp

At a DevOps Con session, HashiCorp Developer Advocate Nic Jackson coveres the topics of microservice authentication (AuthN) and authorization (AuthZ), identifying the differences between the two and explaining why you need both.

This talk covers common patterns for request validation to avoid the "confused deputy problem" with things like HMAC and JWT. Nic will also cover the importance of centralized secrets managemnt and show how you can use tools such as open source HashiCorp Vault to keep your systems and users secure.

What you'll learn

  • How to use JWT for AuthZ
  • How to implement 2-factor authentication for your apps
  • How to secure microservice secrets
  • Implementing TLS and mTLS (Consul Connect can ensure secure service-to-service comms)
  • How to avoid being the next Equifax and secure your database access
  • How to encrypt your data in-transit and at rest
  • How to build secure secret access policies

Stay Informed

Subscribe to our monthly newsletter to get the latest news and product updates.

Your browser is out-of-date!

Update your browser to view this website correctly. Update my browser now

×