Manage Biscuits with JDBC

How to Access and Permission Resources Using JDBC

📘

Blockchain tables are all public_read tables, meaning no biscuits are required to SELECT from them. If you are only querying onchain data, you can skip the biscuit setup process entirely.

Space and Time use biscuits to manage the secure authorization between users and tables on a decentralized network. Establishing this authorization requires one additional step for the JDBC driver: add a biscuit to the JDBC driver properties.

  1. Open or edit the JDBC driver, often found under edit connection
  2. Find the driver properties tab
  3. Add a new property (sometimes called user property
  • Property Name: biscuit_SCHEMA.TABLENAME
    Note, biscuit_ should be lowercase, while the SCHEMA.TABLENAME should be uppercase
  • Property Value: the biscuit value
    The SxT CLI can help you create biscuits. You can also use biscuitsec.org to easily inspect the biscuit for authorizations it contains.

One biscuit is required per permissioned table. For example, if you wanted access to 3 private tables from the JDBC connection, "TableA", "TableB", and "TableC", you would need 3 new JDBC properties.

Roadmap (JDBC)

Work is underway to make this process more dynamic for users, allowing the JDBC driver to be smarter when selecting a biscuit while enabling the biscuit scope to span beyond a single table. Check back periodically as we progress!