Authentication Vs Authorization – Security Concepts

We all know about the security concepts, Authentication and Authorization. However, it is really important to know the difference between Authentication and Authorization.  Lot of detailed stuff is available over the internet but here sharing with you the brief information about the difference between Authentication and Authorization, so that we can easily understand about these concepts.

Simply, Authentication is checking the user‘s identity, and Authorization is verifying a user’s right to access resources.

Authentication

The process of identifying the user, this is a fundamental concept of security. Authentication is a part of daily life. Without authentication, restricting access to resources based on the person‘s identity is impossible.

Authorization

Authorization is the process of verifying that a user is allowed to access a requested resource. Authorization happens only after Authentication. After all, how can you determine whether someone is allowed to do something, if you don’t know who he/she is?

Authentication and Authorization are two related security concepts and often confused. So that‘s why I try to write this post in a very simple manner. I hope this will help you to understand the difference between Authentication and Authorization.

One comment