GS.Authentication+Authorization

This service provides two of the automated parts of an Authentication & Authorization process. First, the service can validate an identity claim. To this end, the service accepts an identifier representing a digital identity, and some (set of) credential(s). The service then signals if the credentials match the identity or not. Second, this service can validate the permissions required for an action. To this end, the service accepts identifiers representing a digital identity, a digital resource, and a possible action on that digital resource. The service then signals if the given digital identity is allowed to perform the given action on the given resource or not.