I have main server which handles authentication and game server which needs authentication. The main server uses your standard passport setup with JWT, so what should I do here? Should I clone the auth setup into the game server or should I make a custom authentication setup for games?
#authentication strategies two services?
meager bolt
deep sphinx
No
Just share your JWT secret with the other service(s) and have it call jwt.verify(..) 
meager bolt
Just share your JWT secret with the other service(s) and have it call jwt.verify...
So what information do you store in the JWT token then?
I've been under the impression you only store minimal data like the user ID
so if I wanted more details of the user I'd still have to make a request to the main server
but I guess that is conditional
deep sphinx
Correct