Implementation of Role-Based Access Control on OAuth 2.0 as Authentication and Authorization

Zehan Triartono, Ridha Muldina Negara, Sussi Sussi

Abstract


As today’s technology transitions from monolithic to microservices architecture, the authentication and authorization system also becomes a new concern because of the differences between the monolithic and microservices patterns. Monolithic applications mostly use role-based access control, while microservices use scopes with OAuth 2.0. With this in mind, there is a need for a model that can integrate OAuth 2.0 with role-based access control. With role-based access control implemented on OAuth 2.0, we expect a simpler authorization process and a more secure authentication and authorization system for microservices backend architecture. This paper proposes a model to implement role-based access control on OAuth 2.0 using the Laravel framework. We also test the performance of the system, measured by response time, data transferred, and throughput. In the performance test, this approach performs well and can handle certain requests with simulated users even with limited resources.

Keywords


Microservices; OAuth 2.0; Authentication; Authorization; Scope; Role-Based Access Control
