---
type: "term"
title: "Credential / Identity Artifact"
description: "Any secret, token, key, or session artifact that enables authentication or authorization decisions."
resource: "tlctc:term:credential-identity-artifact"
tags:
  - "glossary"
---
# Credential / Identity Artifact

Any secret, token, key, or session artifact that enables authentication or authorization decisions. Examples include: passwords, PINs, passphrases, API keys, bearer tokens, OAuth/OIDC tokens, SAML assertions, session cookies, session identifiers, private keys, client certificate keys, Kerberos tickets, SSH keys, hardware token seeds/OTPs, biometric templates (when used as authenticators).

**Reference:** §4.2.2 (Global Definitions), Axiom X (§2)