Design a Global Authentication Token Service
Design a system for generating, validating, and revoking JWTs globally with minimal latency. Focus on distributed key storage and token expiration.
Why Interviewers Ask This
Interviewers at Airbnb ask this to evaluate your ability to design secure, low-latency systems for a global travel platform where trust is paramount. They specifically assess your understanding of distributed consistency, key management strategies across regions, and how to balance security with the need for rapid user authentication during high-traffic booking scenarios.
How to Answer This Question
1. Clarify requirements immediately: define latency targets (e.g., <50ms), scale (millions of concurrent users), and security levels specific to Airbnb's global footprint.
2. Propose a high-level architecture using stateless JWTs validated by edge nodes, emphasizing that private signing keys must never be stored on application servers.
3. Detail the Key Management Service (KMS) strategy, explaining how you would use hierarchical key rotation and regional sharding to minimize latency while maintaining central control.
4. Discuss expiration and revocation mechanisms, suggesting short-lived access tokens paired with refresh tokens and a distributed cache like Redis for immediate revocation checks.
5. Address failure modes and security breaches, such as what happens if a region goes offline or a key is compromised, ensuring you mention rate limiting and anomaly detection.
Key Points to Cover
- Explicitly mentioning asymmetric (public-key) signing to separate signing and verification responsibilities
- Describing a strategy for caching public keys at the edge to avoid cross-region round trips during validation
- Explaining the trade-off between short-lived access tokens and long-lived refresh tokens
- Proposing a distributed cache solution for real-time token revocation checks
- Addressing key rotation strategies that ensure zero downtime for users
Sample Answer
To design a global authentication token service for a platform like Airbnb, I would prioritize low latency and strict security. First, we generate JSON Web Tokens signed asymmetrically. The private signing key resides in a highly secure, centralized KMS, while public verification keys are cached at the edge in every region to avoid cross-region round trips. This ensures validation happens locally within milliseconds. For expiration, we issue short-lived access tokens, say 15 minutes, paired with longer refresh tokens. If a user needs to revoke access immediately, such as when a device is lost, we cannot rely solely on token expiration. Instead, we implement a lightweight revocation list stored in a globally distributed cache like DynamoDB Global Tables or Redis Cluster. When a token is presented, the edge node checks this cache first. To handle key rotation without downtime, we support multiple active versions of the public key, allowing seamless transition. Finally, we monitor for anomalies; if a single IP generates thousands of valid tokens, our system triggers an automatic lockout. This approach balances the need for speed in a travel app with the rigorous security required for financial transactions.
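The edge-side validation path from the sample answer, as an added example that is not part of the original page: tokens are signed centrally, then checked against locally cached public keys (selected by `kid`, so two key versions can be active during rotation), the expiry, and a local copy of the revocation list. Assumptions: Ed25519 (`EdDSA`) as the asymmetric algorithm, an in-process `Map` and `Set` standing in for the edge key cache and the replicated revocation list, and the illustrative names `issue`, `verifyAtEdge` and `demo`.

```javascript
const crypto = require('crypto');

const enc = (obj) => Buffer.from(JSON.stringify(obj)).toString('base64url');
const dec = (s) => JSON.parse(Buffer.from(s, 'base64url').toString('utf8'));

// Stands in for the central signer; in the design the private key stays in the KMS.
function issue(kid, privateKey, claims) {
  const msg = `${enc({ alg: 'EdDSA', typ: 'JWT', kid })}.${enc(claims)}`;
  const sig = crypto.sign(null, Buffer.from(msg), privateKey);
  return `${msg}.${sig.toString('base64url')}`;
}

// Edge-side check using local state only: `keys` is a Map of kid -> cached public
// key (old and new coexist during rotation), `revoked` a replicated Set of jti.
function verifyAtEdge(token, keys, revoked, nowSec) {
  const fail = (reason) => ({ ok: false, reason });
  const parts = String(token).split('.');
  if (parts.length !== 3) return fail('malformed');
  try {
    const header = dec(parts[0]);
    const key = keys.get(header && header.kid); // unknown kid: retired or foreign key
    if (!key || header.alg !== 'EdDSA') return fail('unknown key or alg');
    const sig = Buffer.from(parts[2], 'base64url');
    const signed = Buffer.from(`${parts[0]}.${parts[1]}`);
    if (!crypto.verify(null, signed, key, sig)) return fail('bad signature');
    const claims = dec(parts[1]); // parsed only after the signature checks out
    if (!(nowSec < claims.exp)) return fail('expired'); // also rejects a missing exp
    if (revoked.has(claims.jti)) return fail('revoked');
    return { ok: true, claims };
  } catch (err) {
    return fail('malformed');
  }
}

// Constructed demo data: two key versions, one 15-minute token per version.
function demo() {
  const k1 = crypto.generateKeyPairSync('ed25519');
  const k2 = crypto.generateKeyPairSync('ed25519');
  const keys = new Map([['k1', k1.publicKey], ['k2', k2.publicKey]]);
  const revoked = new Set();
  const now = 1700000000;
  const oldTok = issue('k1', k1.privateKey, { sub: 'u1', jti: 'a', exp: now + 900 });
  const newTok = issue('k2', k2.privateKey, { sub: 'u1', jti: 'b', exp: now + 900 });
  const during = [oldTok, newTok].map((t) => verifyAtEdge(t, keys, revoked, now).ok);
  revoked.add('b'); // device reported lost: rejected before the token expires
  const revokedReason = verifyAtEdge(newTok, keys, revoked, now + 60).reason;
  keys.delete('k1'); // k1 retired after its last token has expired
  const retiredReason = verifyAtEdge(oldTok, keys, revoked, now + 901).reason;
  return { during, revokedReason, retiredReason };
}
```

The revocation lookup runs after the signature check here so that only an authenticated `jti` is looked up; the lookup itself is still local to the edge node.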
Common Mistakes to Avoid
- Suggesting synchronous database lookups for every token validation, which creates unacceptable latency globally
- Ignoring the complexity of key rotation and proposing a simple stop-the-world update mechanism
- Focusing only on generation while neglecting the critical requirement of immediate revocation capabilities
- Overlooking the need for regional distribution of public keys, leading to a single point of failure