Help Me/Question What Is The Differentiate Between Authentication And Authorization?

steve taylor

White Belt
In authentication process we verify the identity of the a user using some credentials like username and password while in authorization we determines the parts of the system to which a particular identity has access. Authentication is required before authorization done.
Example: -
If an employee of the company authenticates himself with his credentials on the system authorization will determine control of the systems like publish a content and also edit it.

Prasoon Arora

White Belt
Authentication : An authentication system is how you identify yourself to the computer. The goal behind an authentication system is to verify that the user is actually who they say they are. Authorization : Once the system knows who the user is through authentication, authorization is how the system decides what the user can do. A good example of this is using group permissions or the difference between a normal user and the administrator on the system.
Authentication is the mechanism whereby systems may securely identify their users. Authentication systems seek to provide answers to the questions:
  • Who is the user?
  • Is the user really who he/she represents himself to be?
Authorization, by contrast, is the mechanism by which a system determines what level of access a particular (authenticated) user should have to resources controlled by the system.