Purpose: In this paper we investigate how can be provided security of an information system, which use microservice architecture. This kind of architecture more and more often is used in designing and implementation of information systems both in cloud and local infrastructures in large-scale applications. Choosing it, as oftware architect should firstly decide if each service should be protected separatelyor a better idea could be to protect the system on the whole. Anyway, at each stage of development and implementation of a software product, it is necessary to solve many security related problems. One such problem is authentication and authorization, which can be solved by implementation of O Auth 2.0protocol. Findings: Based on the literature review we found that information systems, developed using microservice architecture, have some features, and one of the most important things is that each of these services is functioning independently from others and implements their own functionality in the application. This means that each service of information system can be easily developed, deployed, and tested, but, on the other hand it means that each service should be protected. In some cases, protection of each service separately is not the best idea, because this could lead to code duplication. This means that, in case of necessity of changes a piece of code or fixing a bug it should be done everywhere this code appears. To avoid this, there are developed some services - so called gateways, which, also, very often have implemented the function of user/client authentication and authorization using protocol O Auth 2.0. Research limitations/implications: This paper opens the discussion around microservice architecture of software, its security and about methods and instruments of its implementation in information system development. Practical implications: A big number of information system all over the world use this type of architecture. This implies that developers of information systems should pay more attention in providing security of software to protect the important information from the cybercriminals. Originality/value: Data security is one of the key aspects in the activity of each enterprise. So, if it will not be provided properly, then the company may incur enormous material losses or even may be closed. Therefore, it is very important to use the best way in providing security when new technologies, such as microservice architecture, are implemented.