You design a microservices system where Service A calls Service B, which calls Service C. How should JWT token propagation be handled to ensure Service C can authenticate the user?

hard📝 Trade-off Q8 of 15

Microservices - Authentication and Authorization

AService A sends JWT to Service B, which forwards the same JWT to Service C in Authorization headers

BService A sends JWT only to Service B; Service B generates a new token for Service C

CService A sends JWT to Service C directly, bypassing Service B

DService A sends JWT in a cookie; Service B and C read it from there

Step-by-Step Solution

Solution:

Step 1: Understand token propagation chain
Each service must forward the original JWT token downstream to allow authentication at every step.
Step 2: Evaluate alternatives
Generating new tokens breaks user identity; bypassing services breaks flow; cookies are not reliable for service-to-service calls.
Final Answer:
Service A sends JWT to Service B, which forwards the same JWT to Service C in Authorization headers -> Option A
Quick Check:
Forward original JWT downstream [OK]

Quick Trick: Forward original JWT through all service calls [OK]

Common Mistakes:

MISTAKES

Generating new tokens at intermediate services
Bypassing intermediate services
Using cookies for inter-service auth

Master "Authentication and Authorization" in Microservices

9 interactive learning modes - each teaches the same concept differently

Learn Why Deep Arch Try Challenge Design Recall Scale

Want More Practice?

15+ quiz questions · All difficulty levels · Free

Free Signup - Practice All Questions

More Microservices Quizzes

You design a microservices system where Service A calls Service B, which calls Service C. How should JWT token propagation be handled to ensure Service C can authenticate the user?

Step 1: Understand token propagation chain

Step 2: Evaluate alternatives

Final Answer:

Quick Check:

Want More Practice?