I have a microservices project I’m using keycloak as the authorization server. I want to block keycloak IP from external access for more security.
I have a java microservice I use this service to communicate with keycloak and generate the access token for an angular app (Angular App has a login page).
Are this architecture secure and recommended ? Any better suggestions.