Introduction
- The goal of Auth is to manage two desires: everybody should be able to do their work, but nobody should be able to work on something they’re not supposed to
- People leave, join, change roles frequently. Having one person with the key to every room is impractical (and unsafe)
- In “least privilege”, people only get access to the things they need and nothing they don’t
- Auth is all about systems that balance these needs