delegated, decentralized, capabilities based authorization token
The developer of this repository has not created any items for sale yet. Need a bug fixed? Help with integration? A different license? Create a request here:
Biscuit is a (in development) authentication token for microservices architectures with the following properties:
You can follow the next steps on the roadmap.
Current status: - the credential language, cryptographic primitives and serialization format are done - we have implementations in Rust, Java and Web Assembly (based on the Rust version) - Currently deploying to real world use cases such as Apache Pulsar - looking for an audit of the token's design, cryptographic primitives and implementations
DESIGN.mdholds the current ideas about what Biscuit should be
SPECIFICATIONS.mdis the in progress description of Biscuit, its format and behaviour
experimentations/holds code examples for the crypographic schemes and caveat language.
code/biscuit-poc/contains an experimental version of Biscuit, built to explore API issues
Licensed under Apache License, Version 2.0, (LICENSE-APACHE or http://www.apache.org/licenses/LICENSE-2.0)
logo by Mathias Adam
Unless you explicitly state otherwise, any contribution intentionally submitted for inclusion in the work by you, as defined in the Apache-2.0 license, shall be licensed as above, without any additional terms or conditions.