Overview

Otoroshi Biscuit Studio

Otoroshi Biscuit Studio is a powerful extension for Otoroshi, designed to integrate and manage Biscuit Tokens seamlessly within your beloved API Gateway.

Biscuit tokens offer a cutting-edge approach to secure and efficient access control. By combining advanced cryptographic techniques with a compact, extensible format, Biscuit tokens empower developers to create robust, scalable security solutions.

Their versatility and unique features make them an ideal choice for modern token-based authentication and authorization systems, enabling fine-grained control over user access and permissions.

Supported Entities in Otoroshi Biscuit Studio

  • Biscuit KeyPairs
    Create Biscuit Keypairs to generate and verify Biscuit tokens.

    Keypairs are essential for signing and verifying tokens, ensuring the integrity and authenticity of requests.

  • Biscuit Verifiers
    Manage and configure verifiers that check the validity of incoming Biscuit tokens against defined rules and policies, ensuring proper authorization and security.

  • Biscuit Attenuators
    Configure attenuators to modify and return Biscuit tokens that have been "attenuated" (limited in scope or permissions), ensuring fine-grained control over access levels in your API routes.

Supported Plugins in Otoroshi Biscuit Studio

  • Verifier plugin
    Integrate verifier plugins into your Otoroshi routes to check the validity of Biscuit tokens.

    This ensures that only authorized requests are processed, providing additional layers of security and control over your API traffic.

  • Attenuator plugin
    Add attenuator plugins to your Otoroshi routes that apply attenuation to Biscuit tokens, allowing you to reduce or modify the scope of access granted by a token.

    This can be used to tailor access permissions dynamically based on the specific needs of your routes or services.

  • Client Credentials plugin

    The Client Credentials Plugin is a Backend plugin that enables the OAuth2 client_credentials flow, using a Biscuit Token as the access_token.