# AWS, Azure, GCP and external auth methods Auth methods are the components in Vault that perform authentication and are responsible for assigning identity and a set of policies to a user. In all cases, Vault will enforce authentication as part of the request processing. In most cases, Vault will delegate the authentication administration and decision to the relevant configured external auth method (e.g., Amazon Web Services, GitHub, Google Cloud Platform, Kubernetes, Microsoft Azure, Okta ...). Having multiple auth methods enables you to use an auth method that makes the most sense for your use case of Vault and your organization. For example, on developer machines, the GitHub auth method is easiest to use. But for servers the AppRole method is the recommended choice. To learn more about authentication, see the authentication concepts page. ### External auth method considerations When using an external auth method (e.g., GitHub), Vault will call the external service at the time of authentication and for subsequent token renewals. If the status of an entity changes in the external system (e.g., an account expires or is disabled), Vault denies requests to **renew** tokens associated with the entity. However, any existing token remain valid for the original grant period unless they are explicitly revoked within Vault. Operators should set appropriate token TTLs when using external authN methods. --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.enclaive.cloud/vault/tutorials/cli/authentication/aws-azure-gcp-and-external-auth-methods.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.