Consider a microservice architecture where Service A calls Service B. If Service A authenticates a user and forwards the request, what should Service B do to maintain security?

medium📝 Conceptual Q4 of 15

Microservices - Authentication and Authorization

APerform its own authentication and authorization checks

BOnly check the request format without authentication

CTrust Service A completely and skip authentication

DAllow all requests from Service A without validation

Step-by-Step Solution

Solution:

Step 1: Recognize trust boundaries
Even if Service A authenticates the user, Service B should not blindly trust it because internal calls can be spoofed or compromised.
Step 2: Enforce authentication and authorization in Service B
Service B must verify the identity and permissions of the request to prevent unauthorized access or privilege escalation.
Final Answer:
Perform its own authentication and authorization checks -> Option A
Quick Check:
Each service authenticates independently = C [OK]

Quick Trick: Authenticate at every service boundary [OK]

Common Mistakes:

MISTAKES

Assuming trust between internal services is automatic
Skipping authorization checks inside services
Ignoring security in inter-service communication

Master "Authentication and Authorization" in Microservices

9 interactive learning modes - each teaches the same concept differently

Learn Why Deep Arch Try Challenge Design Recall Scale

Want More Practice?

15+ quiz questions · All difficulty levels · Free

Free Signup - Practice All Questions

More Microservices Quizzes

Consider a microservice architecture where Service A calls Service B. If Service A authenticates a user and forwards the request, what should Service B do to maintain security?

Step 1: Recognize trust boundaries

Step 2: Enforce authentication and authorization in Service B

Final Answer:

Quick Check:

Want More Practice?