Vouch and Sway

The subject of auth in web applications is not trivial. Quickly you can learn that there are two disparate components, authentication and authority. If the web application is trivial, authority might be trivial, but authentication likely still is not.

Since we like to invent our own shorthand, we call these vouch and sway.


The simplified term for authentication, vouch includes login and password, oauth, oauth2, 2fa or two factor authentication, time-based authentication, fingerprint, fob, facial, etc.


The simplified term for authority, this refers to the powers held by an authenticated user. In its simplest form, this might be a binary choice, user or admin.