- Authentication is the process of verifying who you are. When you log on to a PC with a user name and password you are authenticating.
- Authorization is the process of verifying that you have access to something. Gaining access to a resource (e.g. directory on a hard disk) because the permissions configured on it allow you access is authorization.
In simple words, authentication is about who somebody is, whereas authorization is about what they're allowed to do.