Securing the user experience
Security is a top priority and a common thread throughout this book. In Chapter 2, Defining Boundaries and Letting Go, we secure the perimeter of a system; in Chapter 5, Turning the Cloud into the Database, we encrypt data at rest; in Chapter 6, A Best Friend for the Frontend, we secure BFF services in depth; and in Chapter 7, Bridging Intersystem Gaps, we secure the interactions with external systems.
In this section, we look at the security of the presentation tier. First, we will provide authentication with OpenID Connect (OIDC). Then we will add role-based authorization with conditional rendering and routing. Finally, we will pass the JSON Web Token (JWT) along on BFF calls to help secure the service side.
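The following is an added example, not code from the book, that sketches the three steps above on the client side: reading the claims from the OIDC-issued JWT, using the roles claim for conditional rendering and routing, and attaching the token as a bearer token on BFF calls. The function names (decodeJwtClaims, canAccess, resolveRoute, bffRequest), the route table, the roles claim name, and the sample token are assumptions constructed for this example. Note that the browser only decodes the token to decide what to show; it never verifies the signature, which remains the job of the BFF on every request.

```javascript
// Added example (not the book's code). All names, the route table and the
// sample token below are assumptions constructed for illustration.

// base64url -> string (JWT segments are base64url without padding)
function base64UrlDecode(segment) {
  const b64 = segment.replace(/-/g, '+').replace(/_/g, '/');
  const padded = b64 + '='.repeat((4 - (b64.length % 4)) % 4);
  return Buffer.from(padded, 'base64').toString('utf8');
}

// Decode the JWT payload for display and routing decisions only.
// The client cannot verify the signature; the BFF must do so on every call.
// Returns null for a malformed or expired token (exp is seconds since epoch).
function decodeJwtClaims(token) {
  const parts = typeof token === 'string' ? token.split('.') : [];
  if (parts.length !== 3) return null;
  let claims;
  try {
    claims = JSON.parse(base64UrlDecode(parts[1]));
  } catch (err) {
    return null;
  }
  if (typeof claims.exp === 'number' && claims.exp * 1000 <= Date.now()) {
    return null; // treat an expired token as no token at all
  }
  return claims;
}

// Conditional rendering guard: true when the user holds any required role.
// The claim name 'roles' is an assumption; providers vary.
function canAccess(claims, requiredRoles) {
  if (!claims) return false;
  const roles = Array.isArray(claims.roles) ? claims.roles : [];
  return requiredRoles.some((role) => roles.includes(role));
}

// Constructed route table: roles permitted per route; an empty list means
// any authenticated user may view the route.
const routes = {
  '/': [],
  '/orders': ['Customer', 'Admin'],
  '/admin': ['Admin'],
};

// Route guard: where the router should send the user for a requested path.
function resolveRoute(path, claims) {
  const required = routes[path];
  if (required === undefined) return '/not-found';
  if (!claims) return '/login'; // unauthenticated: start the OIDC flow
  if (required.length === 0 || canAccess(claims, required)) return path;
  return '/forbidden'; // authenticated, but lacks the role
}

// Pass the JWT along on BFF calls as a bearer token. fetchImpl is injectable
// so the call can be exercised without a network.
function bffRequest(token, path, fetchImpl = globalThis.fetch) {
  return fetchImpl(`/bff${path}`, {
    method: 'GET',
    headers: { Authorization: `Bearer ${token}` },
  });
}

// Build a constructed, unsigned sample token for demonstration only.
// A real token comes from the OIDC provider and carries a real signature.
function makeSampleToken(claims) {
  const enc = (obj) =>
    Buffer.from(JSON.stringify(obj))
      .toString('base64')
      .replace(/=+$/, '')
      .replace(/\+/g, '-')
      .replace(/\//g, '_');
  return `${enc({ alg: 'none', typ: 'JWT' })}.${enc(claims)}.constructed-signature`;
}

// Walk-through with the constructed token (exp set to 2100-01-01 UTC).
const sampleToken = makeSampleToken({ sub: 'user-1', roles: ['Customer'], exp: 4102444800 });
const sampleClaims = decodeJwtClaims(sampleToken);
console.log('render /orders link:', canAccess(sampleClaims, routes['/orders']));
console.log('navigate /admin ->', resolveRoute('/admin', sampleClaims));
```

The role checks in the browser decide only what the user sees; because the token is not verified client-side, the BFF must independently validate the signature, expiry and roles on every call it receives.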
OpenID Connect
User authentication is the first step in securing the presentation tier. We need to identify the user so that we can determine what we will allow them to see and do. Traditionally, teams spent many cycles building an authentication...