on thing that still i don't get with microservices is where to put the central control. Usually, services requires: authentication, authorization, execute, (errors), response.

Now, there should be a reverse-proxy that first call the authentication, if correct, calls authorization, if correct call the execution. But, how do people do that?