The microservice architectural style being distributed by design gives us better options to protect valuable business critical system. Traditional .NET-based authentication and authorization techniques are not sufficient and cannot be applied to the microservice world. We also saw why secure-token-based approaches, such as OAuth 2.0 and OpenID Connect 1.0, are becoming de facto standards for microservice authorization and authentication. If you want to have more general information related to security, do visit Open Web Application Security Project (OWASP) at http://www.owasp.org and Microsoft Security development life cycle at https://www.microsoft.com/en-us/sdl/. Azure AD can very well support OAuth 2.0 and OpenID Connect 1.0. Azure API Management can also act as an API gateway in microservices' implementation and also provide nifty security features, such as policies.
Azure AD and Azure...