...
- Token Based Authentication (Recommended)
Ideally, microservices should be stateless so the service instances can be scaled out easily and the client requests can be routed to multiple independent service providers. A token based authentication mechanism should be used instead of session based authentication - API-Token Authentication (Recommended)
ONAP is supposed to be accessed by third-party apps such as OSS/BSS, in the authentication process a user is not involved. API-Token can be used in such cases. - Centralized Authentication/Authorization (Recommended)
The MSB API Gateway can serve as the entry point to authenticate client requests and forwards them to the backend services, which might in turn invoke other services.
MSB doesn't do the authentication itself, instead, MSB can work with a security provider to provide centralized Authentication or ONAP with its pluggable architecture. - Use https for external communication
The MSB API Gateway can translate the https service request from ext the rnal systems to light weight http communication inside ONAP system.
Multiple tenants support
TBD
...