What is the best approach to select the security model when we are developing the spring boot rest microservices

[jkumar0021]

What is the best approach to select the security model, When we are developing the spring boot rest microservices?

[javax4u]

Basic Authentication : Username and password is not good for it , if this will be called by Mobile client or another rest api. JWT Authentication : This is good because JWT can be renewed on the fly, and User password is not touched. API to API call is good for such authentication

[jkumar0021]

Basic Authentication is good if we are developing the application and our application is not exposing the service to the internet . so no need to implement the addition call for the security. JWT Authentication : JWT Authentication we will implement when we are exposing the service to internet and only server is going to communicate the service. OATH 2 :- This Authentication module is the advance module its provide some addition feature, for example if we exposing the service on the internet and also client is also going to consume the services the we will go for oath2, for example if we are logging to the any site and its asking to validate the user by google or Facebook they are using the oath 2 concept.