> This file is still very much a WIP.

### Protocol

authd’s protocol is still subject to change.

> TODO: document messages.

### Libraries

> TODO: document basic functions in the `AuthD::Client` class to exchange messages with `authd`.

A `AuthD::Client` Crystal class is available to build synchronous clients in Crystal.

### Authorization rules

Logged users can:
- retrieve public data of any user **individually**
- change their own data: password, email address, profile entries (except the read-only ones)
- delete their account
- check their own permissions

Admins with 'Read' permission on the '*' resource can:
- list users
- check permissions of other users

Admins with 'Edit' permission on the '*' resource can:
- change data of another user

Admins with 'Admin' permission on the '*' resource (or the 'admin' boolean) can:
- change read-only profile entries
- change permissions
- delete a user
- uprank and downrank admins