How to implement authorization between services?

I have a bunch of services. Now they work "in the open". I cannot do that for obvious reasons. I think I'll do the test with the help of hash which will put the secret key and transmitted data (so just.) I think it's very "holey" shit. How to do this?
July 9th 19 at 10:53
3 answers
July 9th 19 at 10:55
Solution
gRPC.
And communication between services.
And securely.
And verification.
All-in-one.
Well documented.
And works fast - a small traffic.
July 9th 19 at 10:57
Solution
Simple: hash = someFunc(secret + message) is added to the request/response. Thus the secret key must be present on the server and on the client.

There are alternativny option: https://ru.wikipedia.org/wiki/Сервер_криптографиче...

Alternatively, you can look towards OAuth2, so do not miss out on LDAP
July 9th 19 at 10:59
Solution
And what prevents all the services implement the same REST API for data exchange + standard API-authorization, using the same Auth2-tokens for a registered API key?

Simple: hash = someFunc(secret + message) is added to the request/response. Thus the secret key must be present on the server and on the client.

With great success you can put SSL to generate a certificate bundle is allowed to give out favourites, and only use these certificates for signing code, the rest of the traffic is simply discarded.
rest is bike over http. I yuzayu rpc https://github.com/v-grabko/Core/wiki/RpcTcp - Brody_Dickins commented on July 9th 19 at 11:02
I just need to only services could communicate with each other and all. But if using rest then the overhead is large. - Brody_Dickins commented on July 9th 19 at 11:05

Find more questions by tags GoInformation securityComputer networksProgramming