How to add authorization to a REST API
To know how to add authentication to a REST API, we need to understand how authentication to any HTTP API works. In general, we use the HTTP header Authorization
with one of 2 schemes: Basic
or Bearer
.
Authentication with an API gateway
In this configuration, a preliminary service will authenticate users and clients before routing the request to another service. This configuration is very common as it simplifies development of new services behind the gateway and centralises the development and maintenance of common and regular tasks - other tasks include logging, rate-limiting, authorization, etc.