...

Securing Microservice to microservice communication

In secured environments, microservice to microservice communication is token protected. This process is internally managed by feign clients. Feign clients uses an OAuth2 FeignInterceptor implementation in charge of requesting/refreshing tokens and adding them as headers as part of each request.

To improve performance, our FeignInterceptor is adding an additional tenant-id header inside request, allowing downstream resource servers (RS) to identify faster the right introspector/token validator to be used at runtime, saving time and resources, specially when used with Opaque environments with multiple OAuth2 idP defined.

...

Defining a MicroService as Resource Server (RS):

...