Should I separate my authentication service and my user service?

by abrarisme   Last Updated March 13, 2018 00:05 AM

I'm following a microservices architecture and using JWT for authorization and authentication. I have a User service that includes some details about users, and I was considering including authorization endpoints in the User service. Is that a bad idea?

I saw some other diagrams that had the API Gateway make separate calls to both an Authorization service and a User service. If I'm using separate MongoDB databases for each of the services, wouldn't I be duplicating (some) data if I separated authorization and user endpoints?

Related Questions

Principles for secure user login/authentication

Updated June 25, 2016 08:02 AM

What software should I use to create an API Gatway?

Updated October 08, 2017 18:05 PM