Sets how the server determines the current user.
"AuthNT" uses the operating system's security to get the Username. For this option, you can either turn off Anonymous access for the report web site in IIS, or you can build your own custom logon page that sets an Authentication Ticket.
"AuthSession" authentication uses a session variable, "rdUsername", that you set in your own custom logon process.
"Standard" authentication displays a Form-based logon page. You can use either the built-in logon page, or specify your own. The web form should return to the server request parameters which are used in a DataLayer to query a user database. When a row is returned in the DataLayer, the user is authenticated.
"SecureKey" makes it possible for another application to do the authentication, then pass the user to this application. The other "main" application calls rdTemplate/rdGetSecureKey.aspx, passing Username (and possibly Roles and Rights), then getting back a key. Then the main application redirects the user to this application passing the key as a parameter rdSecureKey. If both a list of Roles and Rights are passed, the list of Rights is used to set User Rights directly.
For a more detail, see the following DevNet article.