Securing an application is difficult. Securing an entire application landscape is even more difficult! In this modern era of blazing fast microservices we do not want the additional complexity of having to secure it all manually. This is where Spring Cloud Security comes in. By combining proven technologies, it helps us achieve performant, configurable end-to-end security across multiple applications. So what technologies are being combined? Well, a lot... We will not mention them all here, but the foundation relies on Spring Boot and Spring Security OAuth. OAuth, or, in our case, OAuth2 is basically an authorization delegation protocol. To quote Wikipedia, OAuth:
[...] specifies a process for resource owners to authorize third-party access to their server resources without sharing their credentials.