What is the difference between authentication and authorization?

Bedouin

Nov 22, 2017·1 min read

What is the difference between authentication and authorization?

Authentication is about who somebody is.
Authorization is about what they’re allowed to do.

Authentication is the process of verifying who you are. When you log on to a PC with a user name and password you are authenticating.
Authorization is the process of verifying that you have access to something. Gaining access to a resource (e.g. directory on a hard disk) because the permissions configured on it allow you access is authorization.

Example: Authentication is, I am an employee of the company. Here is my ID badge. Authorization is, as an employee of the company, which resources I am allowed access.

What is the difference between authentication and authorization?

Bedouin

More from Bedouin

More From Medium

A Traveler’s Diary on the Road to Machine Learning — Chapter 1

Authorization Header propagation in ASP.NET Core APIs

Best Bitwarden alternative

What is JWT and What is it Used For?

AuthZ: Carta’s highly scalable permissions system

Exploratory Data Analysis (EDA) with Python & Matplotlib

Why Is a Social Login More Secure?

How Your Customers Can Protect Themselves From SIM Swap Fraud