Security is a complex topic to understand in-depth. In addition to that, implementing security for complex microservices based systems using OAuth 2.0 and OpenID Connect specs is even harder. Frameworks and libraries, like Spring Security, help to reduce the complexity, but still there is a steep learning curve to understand how to properly implement security.
