If you enabled the Authentication microservice, additional services are pre-wired to use it for pass-through authentication.

Within other microservices, use the @Securty('jwt') annotation in the Controller on methods to enforce that an Authorization header is required with the request.

Testing Authentication Locally

Microservices running Locally are configured to allow authentication tokens from the Nonlive environment.

Go to the Scaffoldly Dashboard and find the JWT Token Generator

By default, emails can only be sent to your Scaffoldly email account, also shown on the Dashboard

Run your Microservice locally (optionally in Debug Mode), and open the Swagger UI

Click Authorize and paste the token, and invoke an endpoint with the padlock icon.

If you've set a breakpoint, you can see that the httpRequest.user is populated with the user's identity.