Challenge: Securing gRPC Communication

Test yourself by applying authorization requirements on gRPC endpoints.

We'll cover the following

Overview

In the playground at the end of this lesson, you will apply security to a gRPC service, as outlined in the requirements.

Requirements

In the playground below, you have a gRPC application with a secured endpoint that returns some information about the server. You also have an unsecured endpoint that returns the system's health status. Your first task is to make both of these endpoints secure.

The client application calls gRPC endpoints from the home page. However, because there is no OIDC redirect configured, there is no access token available by the time gRPC calls are made, resulting in an error being displayed in the browser. Therefore, you must make the following changes in the client app:

  • Handle any errors so the application doesn't crash and the home page is still displayed.

  • Display a "No data" message against each item on the home page if an error occurs.

  • Enable the automatic OIDC redirect if an unregistered user attempts to access the home page.

  • Apply any other necessary changes to make the client work with the new security requirements.

Get hands-on with 1200+ tech skills courses.