When you want to improve the security of a microservice-oriented application, you can configure authentication for other applications so that only the applications that match the authentication rule can call the microservice-oriented application.
Background information
The following example shows how to use service authentication in Spring Cloud.
Consumers 1, 2, and 3 and a provider belong to the same namespace. Consumers 1, 2, and 3 can call all the paths (Paths 1, 2, and 3) of the provider by default.
You can set an authentication rule for all the paths of the provider. For example, set a blacklist for Consumer 1 to prevent it from calling the provider's all paths, and set a whitelist for Consumers 2 and 3 to allow them to call the provider's paths.
You can also configure authentication for specified paths. In all-interface authentication mode, Consumers 2 and 3 can access all paths of the provider. If Path 2 involves core business or data that cannot be called by Consumer 2, you can set a blacklist for Consumer 2 to prevent it from calling Path 2. Then, Consumer 2 can only call Paths 1 and 3.
The following figure shows the call process with authentication rules configured.
Create a service authentication rule
Verify the result
After the service authentication rule is configured and enabled, verify whether it takes effect as needed.