Security concept dealing with identifying and verifying who a user is — username/password, SSO, SAML. Contrasted with authorization. In Rails, commonly handled via gems like Devise. Yatish's travel analogy: a passport is for authentication.