Authentication means "who are you?". Authorization means "what are you allowed to do?". Often referred to collectively as "auth", both of these concepts are critical to avoiding unauthorized account access and keeping data secure online.
All Things Auth is a collection of resources to help service providers and end-users navigate their shared responsibilities when it comes to addressing authentication and authorization.
What concepts are important to understand? How do we communicate those to implementors and users alike?
Which solutions exist? How do they work and which should you use? Where do they work well and where do they need to improve?
All Things Auth is a community of end-users, implementors, researchers, and thought leaders all working together to explore these questions and move the industry towards more secure, usable, and impactful auth solutions.
If you're interested in contributing, feel free to get in touch at firstname.lastname@example.org!