Authorization

Farbor supports authorizations through tokens which are standard JWT tokens.

• One time token - authorizing single operation like read, write or delete.
• Permission token - authorizing multiple operations on multiple assets matching a pattern.

Tokens are required to be valid to a certain point of time but currently there are no limits fow how long they can be created for.

Regardless of authorization method, all keys are cryptographically signed used secret key assigned for each user. You can decide to use one of supported secret storages or implement your own.

• AWS DynamoDB - store secrets in AWS DynamoDB.