# Authentication

When a user starts an **APP**, the first thing the **APP** needs to do is authenticate the user, especially if the **APP** wants to interact later with the Hive blockchain.

Usually, this is done by entering a username and password and matching it against similar data stored somewhere.

Hive Authentications Services enables applications to authenticate their users by simply providing a username and relieving the applications from storing additional credentials data.

The credentials are stored in the **PKSA** local storage and act as a Two-Factor Authentication (2FA) provider.

The users only need to trust one **PKSA**, where they safely store their private keys. They no more will be required to provide any key to any **HAS** enabled application. Likewise, they are guaranteed that their keys will never leave the **PKSA**.

After the user has provided the **APP** with their account name, the **APP** will perform the authentication process.


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.hiveauth.com/developer-documentation/has-for-applications/authentication.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.