The gateway deck for the Identity & Access and Authorisation series. Why these problems exist, the four eras of the field, the threat landscape, the standards lineage, and a roadmap to every other deck.
A computer for one user has no need for identity. The moment a second user shares the machine — or the network — three problems appear at once: tell us apart, limit the damage we can do to each other, and have a record of who did what. Every spec in this field — passwords, Kerberos, SAML, OAuth, OIDC, SPIFFE, OPA, MCP — is an attempt to solve one of those three problems for a particular topology.
Many real incidents — Capital One 2019, Optus 2022, Microsoft Storm-0558 2023 — start because someone treated "the request authenticated successfully" as if it implied "the request was authorised". It does not. They are different decisions, computed by different code, often by different teams, against different policy sources.
"AuthN is the bouncer at the door. AuthZ is the wristband that says which rooms you can enter. Audit is the CCTV that says where you actually went."
The first thirty years are the story of moving identity from "a file on this machine" to "a service trusted across many machines". Every primitive we still use — shared secret, ticket, directory, certificate — was invented here.
"Tell users on this system apart" → "tell users on this network apart" via tickets and shared secrets.
Identity across organisations. Each company was its own island; trust did not cross boundaries.
Password hash, ticket, directory entry, CA-issued certificate, the principal as a first-class object.
The web made every company a service for every user on Earth. Federation — "I trust your IdP to vouch for who this is" — became the dominant model. SAML solved enterprise SSO; OAuth solved the password-sharing problem; OpenID Connect bolted identity back onto OAuth.
Identity across organisations. Users sign in once at their IdP and reach hundreds of relying parties.
Phishing-resistant credentials, mobile-first flows, machine-to-machine identity, anti-replay token binding.
SAML assertion, JWT, OAuth grant types, scopes, the IdP / RP / Resource-Server triad, SCIM as the provisioning standard.
Phishing went industrial; the perimeter dissolved; workloads multiplied a hundred-fold under Kubernetes. The era's signature is "trust nothing — verify the credential, the device, the workload, every time". FIDO2/passkeys finally beat phishing; SPIFFE solved workload identity; OPA gave authorisation a programmable language.
Phishing (passkeys), workload-to-workload identity (SPIFFE), policy as code (OPA / Rego), mobile-safe OAuth (PKCE).
User-controlled identity (your wallet, not the IdP's database). AI agents acting on your behalf. Cross-border, cross-trust-domain federation at country scale.
WebAuthn credential, X.509 SVID, OPA bundle, Cedar policy, the policy-decision-point pattern, mTLS-everywhere east-west.
Two simultaneous shifts. Wallets: the EU mandates that every citizen has a state-issued digital identity wallet by 2026 — identity moves from "row in an IdP database" to "a credential I hold and present". Agents: AI systems become first-class principals — they hold tokens, call APIs on the user's behalf, and need their own audit trail. The MCP authorisation profile is the early canonical answer.
Citizen-controlled identity. Selective disclosure (prove you're over 18 without revealing your date of birth). Agent delegation with a paper trail.
Cross-jurisdiction wallet trust, agent liability models, agent-to-agent delegation, the regulator's audit grammar for AI systems.
Verifiable Credential, mDoc, SIOPv2 wallet, OpenID4VCI/VP, agent-as-principal, MCP-resource audience, signed agent action logs.
Every protocol decision in the field — DPoP, audience binding, PKCE, FAPI, mTLS east-west, SPIFFE federation — answers a specific attack class. If you understand which attacks shape which mitigations, the protocol zoo collapses into a small number of obvious moves.
| Threat | What it means in practice | Defence(s) | Where it's covered |
|---|---|---|---|
| Phishing | User typed a real password into a fake login page | WebAuthn / passkeys (origin-bound) | Authentication Methods |
| Credential stuffing | Leaked password + bot tries it on every site | Argon2id, breach lookups (HIBP), rate limit, MFA | Authentication Methods |
| Token theft & replay | Bearer JWT exfiltrated → attacker uses it | DPoP, mTLS-bound tokens, short TTL, refresh rotation | Adv. OIDC · Edge AuthZ |
| Confused deputy | Token meant for service A used at service B | Resource Indicators (RFC 8707), audience claim, Token Exchange downscope | OAuth · OIDC · Edge AuthZ |
| Lateral movement | Attacker pivots across services after first compromise | SPIFFE workload identity, mTLS east-west, ABAC at every hop | Workload Identity AuthZ |
| Privilege escalation | Authenticated user does what they shouldn't | Least privilege, RBAC → ABAC → ReBAC, PDP central, audit | Authorization Models |
| SAML XSW / alg confusion | Forged assertion / "alg":"none" JWT accepted | Strict signature validation, pinned algorithms, FAPI baseline | SAML & SCIM · Adv. OIDC |
| Session hijack via subdomain XSS | Cookie / token leaked from a less-secure subdomain | HttpOnly, SameSite, scope cookies tightly, CSP, separate origins | Authentication Methods |
| Supply-chain compromise | Attacker patches your dependency / image / IaC | Sigstore, SLSA, signed SBOMs, provenance attestation | Cloud Security · Workload Identity |
| Agent prompt injection | Hostile data steers an LLM agent to misuse a tool token | Per-tool scoped tokens, resource audience, human-in-the-loop confirms, CAEP signals | OAuth for MCP · Edge AuthZ |
Identity is unusual among engineering domains in having many standards bodies, each owning a slice. Knowing which body owns which spec tells you where the vocabulary, the disputes, and the next revisions live.
| Body | Owns |
|---|---|
| IETF | OAuth 2.0/2.1, JWT (7519), DPoP (9449), Token Exchange (8693), PKCE (7636), PAR (9126), JAR (9101), Resource Indicators (8707), JWS / JWE |
| OIDF | OpenID Connect Core, FAPI 1/2, Federation 1.0, SIOPv2, OpenID4VCI, OpenID4VP, SSF / CAEP, MODRNA, RISC |
| OASIS | SAML 2.0, XACML, WS-Security, WS-Federation |
| W3C | WebAuthn (L3), Verifiable Credentials (VC 2.0), DIDs, CredentialManagement |
| FIDO Alliance | U2F, FIDO2 / CTAP, MDS (metadata service), passkey UX guidance |
| Body | Owns |
|---|---|
| ISO/IEC | ISO 18013-5/-7 (mDL), ISO/IEC 23220 (mobile eID), ISO 29115 (assurance) |
| NIST | SP 800-63 (Digital Identity, IAL/AAL/FAL), SP 800-207 (Zero Trust), FIPS 201 (PIV) |
| CNCF | SPIFFE/SPIRE, OPA / Rego, OpenFGA, Cilium, Falco |
| EU bodies | eIDAS 2.0 (regulation), EUDI Wallet ARF (architecture & reference framework), GDPR / DORA |
| Vendor / cloud | AWS IAM & Cedar, Google IAM & Zanzibar, Microsoft Entra, Apple/Google passkey ecosystems, Anthropic MCP authz profile |
IETF specs are tight, narrow, often grumpy and security-driven. OIDF specs are profiles — they say "use these RFCs together, with these constraints". OASIS is enterprise / XML legacy. W3C and FIDO own the browser contract. NIST and ISO own the regulator's contract. Cloud vendors and CNCF projects move fastest but break compatibility.
Once a request enters your system, every authorisation decision falls into one of two camps. They have different threat models, different latency budgets, different identity carriers, and almost always different teams owning them. Confusing the two is a top-three cause of edge bugs.
Three options when you need identity for a product. The right answer is almost always "buy or use OSS"; the deeper question is which trade-off matches your cost model, compliance needs, and tolerance for vendor lock-in.
Best when: you need SOC 2 / FedRAMP inheritance fast, B2B SAML/SCIM out of the box, and login is not your differentiator. Cost scales per MAU.
Best when: data residency / sovereignty is a hard requirement, MAU economics break commercial, or you need deep customisation. You own the on-call.
The trap: identity protocols look simple and aren't. Spend the first year on your product, not on JWT validation edge cases.
AuthN + federation = buy. Login is largely a solved, commoditised, and highly-attacked surface — leverage someone whose only job is keeping it correct. AuthZ = build, on a policy engine. Authorisation is your business logic — what your users may do is unique to your product. Use a PDP (OPA / Cedar / OpenFGA), keep policies in your repo, and treat the engine as a library, not a product.
Almost every identity standard you'll meet exists because a regulator wrote a rule that needed wiring up. If you understand the regulation, you understand why the spec is shaped the way it is — and where the next standard is coming from.
| Regulation | Force date | What it requires (in identity terms) | Standards / specs it produced |
|---|---|---|---|
| GDPR (EU) | 2018-05 | Lawful basis for processing PII; right to erasure; pseudonymous IDs preferred | OIDC pairwise subjects, SCIM delete semantics, ID-token minimisation |
| PSD2 SCA (EU) | 2019-09 | Strong customer authentication for online payments; dynamic linking | FAPI 1.0, then FAPI 2.0; OBIE / Berlin Group profiles |
| HIPAA (US) | 2003 (still) | Audit trail, MFA for PHI, BAA contracts; minimum necessary access | SAML in healthcare, SMART on FHIR (OAuth profile) |
| CCPA / CPRA (CA) | 2020 / 2023 | Opt-out of sale, right to know, right to delete | GPC header, SCIM delete cascade, identity-graph minimisation |
| eIDAS 2.0 (EU) | 2024-05 | Every citizen must be able to use a state-recognised digital wallet | EUDI Wallet ARF, OpenID4VCI / VP, ISO mDL, SD-JWT |
| DORA (EU finance) | 2025-01 | Operational resilience; ICT third-party risk; incident reporting in hours | FAPI 2.0 baseline, OpenID Federation 1.0 trust chains |
| EU AI Act | 2026-08 | Identity, log, and audit "high-risk" AI systems and their actions | MCP authz profile, agent-as-principal patterns, signed action logs |
| SOC 2 / ISO 27001 | continuous | Access reviews, MFA, audit logs, least privilege, joiner-mover-leaver | SCIM provisioning, RBAC/ABAC reviews, CAEP / SSF event streams |
Regulators set a behaviour requirement → standards bodies (OIDF, IETF, W3C, ISO) wire a protocol that satisfies it → vendors and OSS projects ship products that implement the protocol. Three-step flow, every time. Watch the regulators to know what's coming next.
The decks are ordered to be read top to bottom — but each is self-contained, so you can also drop in by topic. The two halves (Identity & Access = AuthN, Authorisation = AuthZ) interlock at the JWT / SVID / claims layer.
Cloud `*aaS` 05 — Cloud Security · Docker for LLMs, Agents & MCP · Introduction to Web Authentication · Introduction to Passport.js · Introduction to Express Middleware
User-held credentials replacing IdP databases. Agents as first-class principals with their own audit trail. Policy engines moving into the data layer. Phishing finally dead at scale via passkeys.