With microservices development, I often came across a problem with implementing Authentication and Authorization (A&A). We want a robust and centrally managed authentication and authorization strategy. But, the distributed nature of the application makes it difficult to implement. In this post, I will explore how Open Policy Agent can help simplify the authorization problem.
Let’s take a quick look at the definition for Authentication and Authorization. Authentication refers to identifying the user (“who”), whereas Authorization refers to determining the level of access an authenticated user has (“what”).