Abstract: Techniques are provided for generating and using a multi-signature token for electronic message validation according to the one or more embodiments as described herein. Specifically, a multi-signature token may be generated that includes at least two digital signatures and information (e.g., user information). Each of the at least two digital signatures may be generated using a private key of at least two key pairs that are maintained on a plurality of keystores that have at least two different implementations (e.g., security protocols). If the at least two digital signatures are valid, the multi-signature token may be determined to be valid and the client request may optionally be performed. If at least one of the at least two digital signatures is invalid, the client request is optionally not performed.

Abstract: Methods and apparatuses are described for decentralized authorization of user access requests in a distributed service architecture. A gateway node receives a user access request from a remote computing device. The gateway generates a signed and encrypted access token based upon the user access request using an authorization service node and a key management service node. The gateway transmits the access token, the user access request, and a security certificate received from the authorization service to a security proxy node of a microservice container. The security proxy validates the certificate and the access token. The security proxy decrypts the access token using a public key from the certificate, and determines user authorization to access a service endpoint node based upon the decrypted token. The security proxy transmits the user access request to the service endpoint, which provides the remote device with access to services based upon the user access request.