The authentication file, normally stored in
users.cfg unless configured differently, stores a set of permissions groups for different authenticated users.
The format is pretty simple:
[admin] http://example.com/ mailto:firstname.lastname@example.org [friends] mailto:email@example.com mailto:firstname.lastname@example.org http://example.com/~friend/ good-friends [enemies] mailto:email@example.com http://tumblr.com/ [good-friends] http://beesbuzz.biz/
Simply put, each group is indicated by
[group_name], and each line after the group name indicates the authenticated identities (and other groups) which are a part of that group. So, in this case, anyone who is in the
good-friends group will also be in the
friends group. All identities are given as full URIs.
Identities can also be used as a group name, to help manage those folks who have more than one identity that you want to treat equivalently; for example:
[http://beesbuzz.biz] mailto:firstname.lastname@example.org http://twitter.com/fluffy https://queer.party/@fluffy
Any identities which belong to the administrative group (which is
admin by default but can configured differently) will have access to all entries, as well as the administrative dashboard. Otherwise, users are subject to the permissions system.