The following concepts are important when securing applications:
- Username: an identifier unique to a specific user. It is used to sign in and is retained for the duration of the session.
  This is often an email address.
- Credentials: user attributes with a corresponding value, such as first name, last name or date of birth.
- Roles: named collections of capabilities for a group of users. One or more users may hold a particular role.
  For example, a user may hold the admin role.
- Authorisations: permissions granted or denied to perform an action in a particular context.
  For example, authorisations may dictate that a user can view the purchase history of a particular product or set of products.