add a README

Geoffroy Couprie 2019-01-02 14:23:30 +01:00
parent 74210ad3a5
commit 2c54321e1b

README.md Normal file

@ -0,0 +1,17 @@
# Biscuit authentication token
Biscuit is a (in development) authentication token for microservices
architectures with the following properties:
- distributed authorization: any node could validate the token only with public information
- offline delegation: a new, valid token can be created from another one by attenuating its rights,
by its holder, without communicating with the issuer or the verifier
- capabilities based: authorization in microservices should be tied to rights related to the request,
instead of relying to an identity that might not make sense to the verifier
- flexible rights managements: the token specifies a pattern based right specification
and attenuation syntax taht can map to other rights management systems
- small enough to fit anywhere (cookies, etc)
Non goals:
- this is not a new authentication protocol. Biscuit tokens can be used as opaque tokens delivered by other systems such as OAuth
- revocation: while tokens come with expiration dates, revocation requires external state management
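Review bot: The "flexible rights managements" bullet has a typo ("taht" should be "that") and the heading of that bullet would read better as "flexible rights management"; in the "capabilities based" bullet, "relying to an identity" should be "relying on an identity". The revocation item under "Non goals" says tokens come with expiration dates, but none of the listed properties mentions expiration, so a reader cannot tell whether the token carries the expiry itself or whether the verifier tracks it; consider adding a property line that states it. In the "distributed authorization" bullet, "could validate the token only with public information" can be read as a restriction, so "can validate the token using only public information" would be less ambiguous.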