John Hines
If I wanted to use this same configuration but to secure Rest APIs using client credential flow, how would I do that?
Still using the Eureka and Zuul setup, but instead of having a user authenticate into the web app allow for a client service call my authorization server /token to get an access token and call the edge service passing the Bearer header with the token. The edge routes the request to the internal Spring Boot Service (in this case Beer Catalog Service).
Based on this documentation, the same clientId and secret are set in both Edge and Internal application.properties files which won’t accommodate having several internal services (e.g. Chips Catalog Service). Each service would have it’s own clientId and secret.