Skip to main content

Introduction

This guide explains how you can authenticate your microservices with SuperTokens.

The standard way of doing this is to create an OAuth2 Provider and use the OAuth2 Client Credentials Flow for authorization. At the moment this is only supported by the NodeJS SDK. If you are using python or golang you will have to implement the legacy flow.

Authentication Steps#

caution

This is only supported by the NodeJS SDK.

This flow uses common OAuth2 terminology. If you want a short explanation on how OAuth2 works and its concepts, please check out this page.

Machine to Machine Authentication

In the Client Credentials Flow the authentication sequence will work in the following way:

  1. Service A uses credentials to get an OAuth2 Access Token
  2. Authorization Service returns the OAuth2 Access Token
  3. Service A uses the OAuth2 Access Token to communicate with Service B
  4. Service B validates the OAuth2 Access Token
  5. If the token is valid Service B returns the requested resource

Check our extensive guide that will show you how to setup the Authorization Service and how to complete all the steps using SuperTokens.

Looking for older versions of the documentation?
Which UI do you use?
Custom UI
Pre built UI