KeyPairs

Biscuit Auth tokens are flexible, decentralized, and cryptographically secure authorization tokens.

They use ED25519 keypairs for digital signature generation and verification, ensuring integrity and authenticity.

Each token is signed with a private ED25519 key and can be verified using the corresponding public key.

This cryptographic mechanism guarantees that tokens cannot be tampered with or forged.

A Biscuit KeyPair is a couple of a Public Key and a Private Key using ED25519 algorithm.

Create your first Biscuit KeyPair

To create your first Biscuit KeyPair open your Otoroshi UI interface and go to Categories > Biscuit Studio > Biscuit KeyPairs

Then, click on "Add item" top right button to display the entity form.

You can also generate new KeyPair by clicking on the "Generate new" button.

It will create a public and a private key.

Example Keypair :

Private Key:

0e8a4d1cf07b6ee07b12f7658b6e784b590da13b97ab5c0140764a84373c8619

Public Key:

The public key is derived from the private key.

cc9f2638b2aa05ffe72a85f91875ac451ddc8995c8ddc39290fdaeb473314dcb

Example

{
  "id": "biscuit_keypair_e42033bc-f181-485f-857d-576e4728f6f9",
  "name": "My Biscuit KeyPair",
  "description": "A simple ED25519 Biscuit KeyPair",
  "pubKey": "cc9f2638b2aa05ffe72a85f91875ac451ddc8995c8ddc39290fdaeb473314dcb",
  "privKey": "0e8a4d1cf07b6ee07b12f7658b6e784b590da13b97ab5c0140764a84373c8619",
  "tags": [],
  "kind": "BiscuitKeyPair"
}

Create a keypair with Otoroshi's API

curl -X POST -H 'Content-Type: application/json' 'http://otoroshi-api.oto.tools:8080/apis/biscuit.extensions.cloud-apim.com/v1/biscuit-keypairs' -u admin-api-apikey-id:admin-api-apikey-secret -d '{
  "id": "biscuit-keypair_e42033bc-f181-485f-857d-576e4728f6f9",
  "name": "KeyPair from Otoroshi API",
  "description": "A Biscuit KeyPair created from Otoroshi API",
  "pubKey": "cc9f2638b2aa05ffe72a85f91875ac451ddc8995c8ddc39290fdaeb473314dcb",
  "privKey": "0e8a4d1cf07b6ee07b12f7658b6e784b590da13b97ab5c0140764a84373c8619",
  "tags": [],
  "kind": "biscuit.extensions.cloud-apim.com/BiscuitKeyPair"
}'

Get a KeyPair template with Otoroshi's API

curl -X GET -H 'Content-Type: application/json' 'http://otoroshi-api.oto.tools:8080/apis/biscuit.extensions.cloud-apim.com/v1/biscuit-keypairs/_template' -u admin-api-apikey-id:admin-api-apikey-secret

Result :

{
  "id": "biscuit-keypair_b6f88449-9c1a-4e46-a3af-b42e00f14e60",
  "name": "New Biscuit Key Pair",
  "description": "New biscuit KeyPair",
  "metadata": {},
  "pubKey": "",
  "privKey": "",
  "tags": []
}

Create bulk KeyPairs with Otoroshi's API

curl -X POST -H 'Content-Type: application/x-ndjson' 'http://otoroshi-api.oto.tools:8080/apis/biscuit.extensions.cloud-apim.com/v1/biscuit-keypairs/_bulk' -u admin-api-apikey-id:admin-api-apikey-secret -d '{"id":"bulk_keypair1","name":"KeyPair from Otoroshi API Bulk 1","description":"A Biscuit KeyPair created from Otoroshi API","pubKey":"cc9f2638b2aa05ffe72a85f91875ac451ddc8995c8ddc39290fdaeb473314dcb","privKey":"0e8a4d1cf07b6ee07b12f7658b6e784b590da13b97ab5c0140764a84373c8619","tags":[],"kind":"biscuit.extensions.cloud-apim.com/BiscuitKeyPair"}
{"id":"bulk_keypair2","name":"KeyPair from Otoroshi API Bulk 2","description":"A Biscuit KeyPair created from Otoroshi API","pubKey":"cc9f2638b2aa05ffe72a85f91875ac451ddc8995c8ddc39290fdaeb473314dcb","privKey":"0e8a4d1cf07b6ee07b12f7658b6e784b590da13b97ab5c0140764a84373c8619","tags":[],"kind":"biscuit.extensions.cloud-apim.com/BiscuitKeyPair"}
'

Result

{"status":201,"created":true,"id":"bulk_keypair1","id_field":"id"}
{"status":201,"created":true,"id":"bulk_keypair2","id_field":"id"}

Create your first Biscuit KeyPair​

Example Keypair :​

Private Key:​

Public Key:​

Example​

Create a keypair with Otoroshi's API​

Get a KeyPair template with Otoroshi's API​

Create bulk KeyPairs with Otoroshi's API​