My 2 Cents What Is The Difference Between Authentication And Authorization?


White Belt
Let a student going to their college. At college gate, gate kipper ask for Identity card , If student shown the identity card then they can enter into college campus. This process is called as authentication.

Now student going to computer lab where in the college computer there are two account one for staff member and one for students. Here students can only access the computer resources which associated with student account . This process is called as authorization.
Authentication always proceeds to authorization.It is the process of verifying the identity of a user.Authentication means, Checking whether User is valid or not by accepting certain credentials like username and password
Authorization is the process of allowing an authenticated user access to resources.It is the process of checking whether the user has the access rights to the system.Authorization means, Checking what all rights user have, read or write option.