Due to the nature of the internet, applications are publicly served and are being accessed by a large number of users; therefore, security requirements are vital and they need to be implemented in the very early stages of the project development process – these practices should also be followed in a microservices ecosystem. In this chapter, we will show you how to secure your Microservices, by demonstrating with both Java-EE- and Spring-based implementations.

We will cover the following topics in this chapter:

• Securing Microservices with JSON Web Token (JWT)  
• Java Security API – JSR 375
• Spring Security with Spring-Boot-based Microservices
• HTTPS – the secured protocol