Core ideas

Core ideas behind Ory Talos.

• Architecture — admin plane and data plane separation
• Credential types — generated keys, imported keys, JWTs, macaroons
• Token format — v1 key format specification
• Security model — cryptographic primitives and tenant isolation
• Caching and consistency — verification caching and revocation propagation
• Token derivation security — stateless verification and revocation semantics
• Rate limiting — rate limit metadata on API keys
• IP restrictions — CIDR-based access control for API keys