Vault components that perform authentication and manage identities

• Responsible for assigning identity and policies to a user

• Multiple authentication methods can be enabled depending on your use case

• Auth methods can be differentiated by human vs. system methods

• Once authenticated, Vault will issue a client token used to make all subsequent Vault

requests (read/write)

• The fundamental goal of all auth methods is to obtain a token

• Each token has an associated policy (or policies) and a TTL

• Default authentication method for a new Vault deployment = tokens