authentication vs authorization vs user management code example
Example 1: authentication vs authorization
Authentication :
telling the system who you are
by providing username and password.
Authorization :
things you can do according to who you are
------ few ways of Authorization:
Basic Auth --
providing username and password for each and every request you
make
Token based
generate a long token just one time
and use that for the rest of the request
similar to the visitor tag you get when you go to certain
restricted areas
API KEY ---
Bearer Token --
Example 2: difference between authentication and authorization
web security systems are based on a two-step process.
The first step is authentication, which
ensures the user identity
second step is authorization, which
allows the user to access the various resources
based on the user's identity.