Authentication verifies user identity before granting system access. Basic authentication uses username/password but is insecure without HTTPS. Bearer tokens provide better security and scalability for APIs. OAuth2 enables login through trusted providers like Google, often using JWTs as stateless access tokens. Modern systems combine short-lived access tokens with long-lived refresh tokens for seamless user experience. SSO allows single login across multiple services using protocols like OAuth2 and SAML.