Kingsley
JCHJava Community | Help. Code. Learn.
•Created by Kingsley on 3/19/2025 in #java-help
Way to secure spring boot micro services apis that will be consumed by a react native mobile app.
I am building a spring boot micro service applications (resource servers) and one spring cloud gateway which will act as the client that interfaces with the micro service applications and will be consumed by a reactive native mobile app.
I am currently considering running one of the micro service as an authorization server and also implement the gateway as a client. Works well with the gateway if authorization grant type is authorization code and the token relay also works well.
The problem I am facing now is that this same flow won't be seamless on mobile (if it is even possible) as there will be a couple of redirects that needs to happen to authenticate the user.
If it is possible, how can I achieve this, else how best can I secure the micro services without exposing the user's token?
6 replies