Authentication and authorization are actually mean two different things but many people are often confused between them. Let’s explore and compare them.
Authentication VS Authorization
|In simple words, authentication is who you are.||Authorization is what you can do.|
|It is directly dependent to login or sign-in.||It is all about whether you are the right person to access some explicit conetns even though you are logged-in user.|
|You will be authenticated in to a system or an application if you have a valid username or password.||You are authorized to do some tasks if you have all the rights to do that.|
|Generally, it seperates a registered member from public users.||It seperates an user who have the explicit rights from a signed-in user.|
|Authentication can be done by
and other ways.
|Authorization can be provided by what content should be authorized to whom.
and other options.
|Example : If you have bought ticket for a zoo, then you are authenticated to enter in.||Example : Even though you can enter in to the zoo, you are not authorized to feed, touch or hit the the animals.|