What is the difference between authentication and authorization?

Authentication securely identifies users for application access. Authorization allows/disallows securely identified users to access certain areas of the software.

What is the difference between authentication and authorization?

Written by: Dominic Wegrzynowski Oct 04, 2023

Authentication securely identifies users for application access. Authorization allows/disallows securely identified users to access certain areas of software. A user must be authenticated in order to be authorized.

For example, my Bugtracker MVC application is designed with individual user accounts and users roles. Once a user is logged into my app and authenticated, they are free to navigate all pages of the application as long as their role is authorized to do so. I am using the [authorize] attribute on the class level for authentication and [authorize(Roles="Admin")] to authorize only Admins access to assign a project manager.

Tags
#C# #.NET #MVC #Authentication #Authorization
Login to add a comment
0 COMMENT(S)