delegated, decentralized, capabilities based authorization token
Biscuit is an authentication and authorization token for microservices architectures with the following properties:
You can follow the next steps on the roadmap.
Current status: - the credential language, cryptographic primitives and serialization format are done - we have implementations in Rust, Java, Go and Web Assembly (based on the Rust version) - Currently deploying to real world use cases such as Apache Pulsar - looking for an audit of the token's design, cryptographic primitives and implementations
SUMMARY.md: introduction to Biscuit from a user's perspective
DESIGN.mdholds the current ideas about what Biscuit should be
SPECIFICATIONS.mdis the description of Biscuit, its format and behaviour
experimentations/holds code examples for the crypographic schemes and caveat language.
code/biscuit-poc/contains an experimental version of Biscuit, built to explore API issues
Licensed under Apache License, Version 2.0, (LICENSE-APACHE or http://www.apache.org/licenses/LICENSE-2.0)
logo by Mathias Adam
Unless you explicitly state otherwise, any contribution intentionally submitted for inclusion in the work by you, as defined in the Apache-2.0 license, shall be licensed as above, without any additional terms or conditions.