DEV Community

Bachi for Auth0

Posted on • Originally published at auth0.com

Securing gRPC-based Microservices in .NET Core

TL;DR: This tutorial will show you how to integrate authentication and authorization in a .NET Core microservice scenario based on gRPC. You will go through the process of protecting the server endpoints and will learn how to authorize a gRPC client to make requests to it.

The gRPC Framework
Lately, gRPC is becoming quite popular since it allows you to build high performance distributed systems. Initially designed by Google to optimize communication within their internal service infrastructure, it is now an open-source project available for most common programming languages: from Java to Python, to PHP, to C#. In a nutshell, gRPC is a Remote Procedure Call framework (RPC framework) based on the HTTP/2 protocol to transport binary messages and on the Protocol Buffers, also known as Protobuf, to define service contracts. A mandatory requirement for a gRPC service is to accept only secure gRPC connections, such as TLS connections.

Starting from .NET Core 3.0, Microsoft supports gRPC natively, so .NET Core developers can leverage this framework to build efficient microservices. The tutorial Implementing Microservices with gRPC and .NET Core 3.0 introduces you to the basics of using this framework with .NET Core. It shows you how to create a simple microservice that evaluates whether a customer is entitled to receive credit for a given amount and a client that makes requests to it.

In this tutorial, you will take that project and will secure the communication between the client and the server by using Auth0.

Read on 📖

Top comments (0)