Scalable Access token based Authentication
Monolithic Applications
For monolithic applications, a simple middleware that checks each request for a valid access token is enough to secure our private routes.
We can use symmetric encryption techniques like AES (Advanced Encryption Standard).
Microservices based Applications
For microservices-based applications, we can have a separate service for authentication, which uses an asymmetric encryption algorithm.
The private key held by the auth service is used to sign the tokens.
The public key can be used by other services to verify the user before giving access to the protected routes.
The auth service can share the public key through its own API so that other services can fetch it.
Other services can also cache the public key to reduce latency.
Although asymmetric encryption algorithms like RSA are slow compared with symmetric encryption algorithms, they give us a secure basis for building a scalable microservice-based system.
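The signing and verification split described above, as an added example (not code from the original post): a hypothetical auth service issues an RS256-signed token with Node's built-in crypto module, and another service verifies it using only the cached public key. The function names, the claims and the in-process key pair are assumptions made for the demo.

```javascript
// Added example: constructed keys and claims, Node.js built-in crypto only.
const nodeCrypto = require("node:crypto");

const b64url = (data) => Buffer.from(data).toString("base64url");

// Auth service: the only holder of the private key.
function issueToken(claims, privateKey, ttlSeconds = 300) {
  const header = b64url(JSON.stringify({ alg: "RS256", typ: "JWT" }));
  const now = Math.floor(Date.now() / 1000);
  const body = b64url(JSON.stringify({ ...claims, iat: now, exp: now + ttlSeconds }));
  const signature = nodeCrypto.sign("sha256", Buffer.from(`${header}.${body}`), privateKey);
  return `${header}.${body}.${b64url(signature)}`;
}

// Any other service: holds only the public key, so it can verify but never mint tokens.
function verifyToken(token, publicKey, now = Math.floor(Date.now() / 1000)) {
  const parts = token.split(".");
  if (parts.length !== 3) return null;
  const [header, body, signature] = parts;
  try {
    // Pin the algorithm; the token must not choose how it is verified.
    if (JSON.parse(Buffer.from(header, "base64url")).alg !== "RS256") return null;
    const ok = nodeCrypto.verify("sha256", Buffer.from(`${header}.${body}`), publicKey,
      Buffer.from(signature, "base64url"));
    if (!ok) return null;
    const claims = JSON.parse(Buffer.from(body, "base64url"));
    return typeof claims.exp === "number" && claims.exp > now ? claims : null;
  } catch {
    return null; // malformed encoding or JSON
  }
}

// Constructed demo: key pair generated in-process instead of loaded from a secret store.
const { privateKey, publicKey } = nodeCrypto.generateKeyPairSync("rsa", { modulusLength: 2048 });
const cachedPublicKey = publicKey; // stands in for the key fetched once from the auth service API
const token = issueToken({ sub: "user-42", role: "member" }, privateKey);

// Replace the payload with an elevated role while keeping the original signature.
function tamper(tok) {
  const [h, , s] = tok.split(".");
  const forged = b64url(JSON.stringify({ sub: "user-42", role: "admin", exp: 9999999999 }));
  return `${h}.${forged}.${s}`;
}

console.log(verifyToken(token, cachedPublicKey));         // claims object
console.log(verifyToken(tamper(token), cachedPublicKey)); // null
```

A production service would normally use a maintained JWT library and refresh the cached public key when the auth service rotates it.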
Image credits: Coder’s Gyan on YouTube