diff --git a/docs/generating-and-verifying-trats/index.html b/docs/generating-and-verifying-trats/index.html index 171a591..d401aae 100644 --- a/docs/generating-and-verifying-trats/index.html +++ b/docs/generating-and-verifying-trats/index.html @@ -337,7 +337,7 @@

-

In Delegation Mode, requests are not intercepted; instead, Tratteria agents’ trat-verification API must be called with request data to verify TraTs. This mode is suitable for environments where intercepting requests is not possible or desired, for example, in environments with a service mesh that is already intercepting incoming requests.

+

In Delegation Mode, requests are not intercepted; instead, Tratteria agents’ trat-verification API must be called with request data to verify TraTs. This mode is suitable for environments where intercepting incoming requests is not possible or desired, for example, in environments with a service mesh that is already intercepting incoming requests.

For details on how to verify TraTs using Tratteria agents, visit Tratteria agents readme.
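Review bot: the Delegation Mode paragraph on the added line says the trat-verification API "must be called" but does not say what follows from that: since requests are not intercepted, verification only happens if each service makes the call itself. A sentence stating this would help readers choosing between the modes. Two wording points on the same line: with the added word, the sentence now contains "intercepting incoming requests" twice, so the second occurrence could become "for example, where a service mesh already does so". Also, "trat-verification" is lowercase while the rest of the page writes "TraT".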

diff --git a/docs/index.html b/docs/index.html index 3bc55ec..c8d0415 100644 --- a/docs/index.html +++ b/docs/index.html @@ -183,38 +183,56 @@

Introduction to Tratteria

padding: 0; } -

Welcome to the documentation for Tratteria, an open-source Transaction Tokens (TraTs) Service. TraTs are short-lived JWTs that assure identity and context in a microservices call chain. Learn more about TraTs here. The example below describes the salient features of a TraT:

+

Welcome to the documentation for Tratteria, an open-source Transaction Tokens (TraTs) Service. This guide will help you understand what Tratteria is, how it works, and how to implement it in your microservices architecture.

+

+ TraT + + + + + +

+

TraTs (Transaction Tokens) are short-lived JWTs that assure identity and context in a microservices call chain. Learn more about TraTs here. The example below describes the salient features of a TraT:

What Is a TraT -

- Tratteria approach - +

+ Tratteria Architecture + + + + + +

+

Tratteria is designed to facilitate secure and convenient TraT issuance and verification in microservices systems. It involves the Tratteria Service for issuing TraTs, the Tratteria Agent sidecar for verifying TraTs, and Tratteria Kubernetes resources for specifying generation and verification rules for TraTs.

+Tratteria Workflow +
+

+ Tratteria Modes +

-

Tratteria provides two ways of verifying TraTs: An interception option and a delegation option

+

Tratteria can operate in two modes:

-

- Tratteria architecture - +

+ Tratteria Resource +

-

Tratteria is designed to facilitate secure and convenient TraTs issuance and verification in microservices systems.

-Tratteria Workflow -
-

Tratteria supports TraTs generation and verification using Kubernetes resources and Tratteria sidecar agents. Tratteria lets you define how to generate the TraT for an external API and how to verify the TraT for the resulting internal requests of the external API. Additionally, Tratteria supports access evaluation for external APIs.

+

Tratteria lets you define how to generate the TraT for an external API and how to verify the TraT for the resulting internal requests of the external API using Kubernetes resources. Additionally, it supports specifying access evaluation for external APIs.

Below is a sample Tratteria Kubernetes resource for the POST api/order/trade/{#stockId} external API. Hover your mouse over the text below to find out more about what each line means:
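Review bot: the new lead-in "Tratteria can operate in two modes:" under "Tratteria Modes" no longer names the modes, whereas the removed sentence did ("An interception option and a delegation option"). Unless the items that follow carry those names, keep them in the sentence so it lines up with the "Delegation Mode" wording used in docs/generating-and-verifying-trats/index.html. The new heading "Tratteria Resource" is singular while the architecture paragraph and the text under the heading say "Kubernetes resources"; one form throughout would read better. The link text "here" in "Learn more about TraTs here" was carried over from the removed paragraph and could name its target instead.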

@@ -301,7 +319,7 @@

azdMapping: stockId: required: trueAs noted above, the stocks service overrides defaults for TraT verification - value: "{$id}"List of services that use this TraT type. They may use defaults specified above or override them. + value: "{$id}"The list of microservice APIs that are invoked while processing this external API. They may use defaults specified above or override them. accessEvaluation: subject: id: "${subject_token.email}" @@ -381,8 +399,10 @@

On this page:
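Review bot: in the -301,7 +319,7 hunk, the reworded tooltip says "microservice APIs ... They may use defaults specified above or override them", while the tooltip just before it says "the stocks service overrides defaults", so the thing doing the overriding is called a service in one tooltip and an API in the next. Pick one term for both. In the same hunk the sample resource shows `value: "{$id}"` next to `id: "${subject_token.email}"`, and neither tooltip explains the two placeholder forms. Because these fields feed azdMapping and accessEvaluation, please confirm both spellings are intended and say so in a tooltip.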