spring-security microservices spring-cloud-feign spring-cloud-security

Security between microservices


I have two microservices, for example, A and B. The microservice B has a REST endpoint that must be accessible only from the microservice A. How can I limit access between microservices? What is the best practice if at all possible?

I'm using spring cloud security (oauth2, jwt).


Solution

  • This is a networking issue. Simply restrict access to micro service B at a network level. This can be easily done if using Docker for example. You would just not publicly expose the relevant port for micro service B but expose it on a specific network then have micro service join that network.

    You could use public/private keys if you wanted to add extra security. Alternatively, it would be simpler to generate a JWT for application A and validate it in micro service B but as you add more micro services this has more management overhead.

    Alternatively, you should look into an API Gateway which can handle API access for you.
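
The JWT option mentioned in the answer, sketched as a resource-server configuration for microservice B; this is an added example, not code from the original post. It assumes Spring Security 6, an authorization server that issues client-credentials tokens to A with audience `service-b` and scope `internal.read`, and hypothetical names for the property keys (`auth.issuer-uri`, `auth.jwk-set-uri`) and the `/internal/**` path.

```java
import java.util.List;

import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.Customizer;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.oauth2.core.DelegatingOAuth2TokenValidator;
import org.springframework.security.oauth2.core.OAuth2TokenValidator;
import org.springframework.security.oauth2.jwt.Jwt;
import org.springframework.security.oauth2.jwt.JwtClaimNames;
import org.springframework.security.oauth2.jwt.JwtClaimValidator;
import org.springframework.security.oauth2.jwt.JwtDecoder;
import org.springframework.security.oauth2.jwt.JwtValidators;
import org.springframework.security.oauth2.jwt.NimbusJwtDecoder;
import org.springframework.security.web.SecurityFilterChain;

@Configuration
@EnableWebSecurity
public class ServiceBSecurityConfig {

    // Signature, expiry and issuer are checked by the default validators;
    // the extra validator rejects tokens that were minted for another service.
    @Bean
    JwtDecoder jwtDecoder(@Value("${auth.issuer-uri}") String issuer,      // hypothetical key
                          @Value("${auth.jwk-set-uri}") String jwkSetUri) { // hypothetical key
        NimbusJwtDecoder decoder = NimbusJwtDecoder.withJwkSetUri(jwkSetUri).build();
        // "service-b" is an assumed audience value configured on the authorization server.
        OAuth2TokenValidator<Jwt> audience = new JwtClaimValidator<List<String>>(
                JwtClaimNames.AUD, aud -> aud != null && aud.contains("service-b"));
        decoder.setJwtValidator(new DelegatingOAuth2TokenValidator<>(
                JwtValidators.createDefaultWithIssuer(issuer), audience));
        return decoder;
    }

    // The default converter maps the token's scope claim to SCOPE_* authorities.
    @Bean
    SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
        http.authorizeHttpRequests(auth -> auth
                // Only a client granted this scope (here: only A) reaches the endpoint.
                .requestMatchers("/internal/**").hasAuthority("SCOPE_internal.read")
                .anyRequest().authenticated())
            .oauth2ResourceServer(oauth2 -> oauth2.jwt(Customizer.withDefaults()));
        return http.build();
    }
}
```

The restriction holds only as long as the authorization server grants `internal.read` to A's client and to no other; the network-level isolation described in the answer still applies on top of it.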