The authentication file, normally stored in
users.cfg unless configured differently, stores a set of permissions groups for different authenticated users.
The format is pretty simple:
Simply put, each group is indicated by
[group_name], and each line after the group name indicates the authenticated identities (and other groups) which are a part of that group. So, in this case, anyone who is in the
good-friends group will also be in the
friends group. All identities are given as full URIs.
Identities can also be used as a group name, to help manage those folks who have more than one identity that you want to treat equivalently; for example:
This will give the identities
https://queer.party/@fluffy membership in all groups that
https://beesbuzz.biz is in as well.
Any identities which belong to the administrative group (which is
admin by default but can configured differently) will have access to all entries, as well as the administrative dashboard. Otherwise, users are subject to the permissions system.
You can also start a line with
; to indicate that it is a comment.