Authorization (controlling access via permissions) is often confused with Authentication (identifying a user/request). Yet it's not as complicated as it may seem! In this talk we will dig into the many features provided by Laravel's Authorization layer (gates and policies) to control access. Along the way we will identify some tips to make things easier, look at performance and code maintenance, as well as things to consider for more advanced or complex apps. We will also cover several popular packages which offer advanced functionality, and why/when to use them.