thanks a lot for the response about user authorization - i hope i may add to this topic regarding gateway and you can point in the correct direction:
By now our Microservice is ready to be hosted in our yuuvis instance (it actually already is) - but i am facing difficulties securing it via the gateway.
First of all i want to go with authentication via the gateway only and maybe add the checks on user permissions later as you pointed out a possible solution.
However, although i added it to the gateway-prod.yml file, the behaviour is not as expected:
1) I can still make direct calls to the microservice hosted within yuuvis from local postman without providing any credentials. I am not getting rejected with a 401 - unauthorized, just like an unauthorized call to the rest-ws service.
This is the address i am able to call the custom microservice at
2) I can not use this microservice in BPM Scripts via the name <mymicroservice> as defined in gateway-prod.yml. This approach is explained in the documentation (in this case it is not finding the microservice within yuuvis)
Documentation:var response = $.http
This is how i tried to add the custom microservice to our gateway-prod.yml config.
- name: 'mymicroservice'
Any ideas what topic i should check in order to reach intended behaviour of the gateway with custom microservices?
Thanks a lot