Skip to main content
Support OpenZiti, give us a GitHub Star Star
👆 live "Reflect" messages will display here
Ziggy Chef

Appetizer: Taste OpenZiti

If you have go installed, it's as simple as clone the repo, and go run and you can experience application embedded zero trust in action 👇.

git clone https://github.com/openziti-test-kitchen/appetizer.git
cd appetizer
go run clients/reflect.go reflectService

What You Get by Adopting an OpenZiti SDK

  • Strong identities. X509 certificates guarantee entities are who they claim.
  • Segmented access. Follow the "least privileged access" model.
  • Protection from port scanning. The app has no listening ports, it's "dark".
  • Continuous authentication. Constant authentication is vital.
  • End-to-end encryption. Ensure data is only available to the intended recipient.
Loading asciinema cast...

Taking a Closer Look

Step 1 - Reflect Server Strong Identity

When the Appetizer process starts, it first creates a strong identity for itself. This strong identity (represented by the lock icon) is authorized to "bind" the reflect service, creating a listener. The reflect server is then listening on the overlay and able to accept incoming connections from other strong identities, authorized to participate in the OpenZiti network.

slideslide