As a user I want to access properties/actions/events of devices which are protected by authentication, so that I can read and write its state.

Currently the system assumes that the affordances of a web thing use the same authentication credentials that are needed to access its thing description.

Some web things may have a public thing description, but require authentication in order to interact with their affordances.