Implementation of Role-Based Access Control on OAuth 2.0 as Authentication and Authorization

Zehan Triartono, Ridha Muldina Negara, Sussi Sussi


As today’s technology transitions from monolithic towards microservices architecture, the authentication and authorization system also becomes a new concern because of the difference between the monolithic and microservices patterns. Monolithic applications mostly use role-based access control, while microservices use scopes with OAuth 2.0. With this in mind, there is a need for a model that can integrate OAuth 2.0 with role-based access control. With role-based access control implemented on OAuth 2.0, we expect a simpler authorization process and a more secure authentication and authorization system for microservices backend architecture. This paper proposes a model to implement role-based access control on OAuth 2.0 using the Laravel framework. We also test the performance of the system in terms of response time, data transferred and throughput. In the performance test, this approach performs well and can handle certain requests with simulated users even with limited resources.


Microservices; OAuth 2.0; Authentication; Authorization; Scope; Role-Based Access Control
