Authentication is the verification of identity. Today's applications control access to sensitive data that should only be exposed to the appropriate consumer. Thus, verifying identity is a critical aspect of online applications and security. According to the Verizon Data Breach Report 2020, over 80% of breaches can be traced to stolen identity in the form of lost or stolen credentials.
Different authentication approaches can be based on something you know (e.g., password), something you have (e.g., a physical key or security token), or something you are (e.g., your fingerprint). Best practice authentication systems rely on more than one factor (hence the name two-factor authentication) to protect against credential compromise.
Today's cloud-native applications expose a multitude of microservices to end users. Properly ensuring that every microservices is properly secured with strong authentication mechanisms is critical.