Should I separate my authentication service and my user service?

by abrarisme   Last Updated March 13, 2018 00:05 AM

I'm following a microservices architecture and using JWT for authorization and authentication. I have a User service that includes some details about users, and I was considering including authorization endpoints in the User service. Is that a bad idea?

I saw some other diagrams that had the API Gateway make separate calls to both an Authorization service and a User service. If I'm using separate MongoDB databases for each of the services, wouldn't I be duplicating (some) data if I separated authorization and user endpoints?

Related Questions

User registration across multiple services

Updated March 10, 2019 11:05 AM

Principles for secure user login/authentication

Updated June 25, 2016 08:02 AM

Help with definition of broad user types

Updated October 05, 2018 07:05 AM

Microservice authentication between services

Updated September 26, 2018 17:05 PM