Authentication and authorization: the difference



This content originally appeared on DEV Community and was authored by Amahle Comfort Nxumalo

You might have heard the terms authentication and authorization and wondered where and when they are used. They are often misunderstood by developers, students, and tech enthusiasts. Here we clarify the difference and mention cases where each one is used.

Think of staying in a hotel: you provide proof that you are one of the guests, and then you gain access to the building. That is what authentication is: you, as a client, providing some information to prove you are who you claim to be. We will use that hotel example throughout to give a clear explanation.

1. You want to enter your hotel room, so you pass through security first and present, say, a card the hotel gave you for your stay and access (in the account case you would provide information such as a username and password; in this example the hotel card is that information). Hotel security slides the card through a card reader, which returns a status of approved or declined based on some logic: the machine checks whether a person with your name exists in their database, and if so you are granted access to enter. (Online, you finish entering your login details and click login; the information is sent to the server and compared against some logic to check that you exist in the database and that your details are correct. If both are true, you are granted access to the resources; otherwise you are declined.) That is how authentication works in a nutshell: there are different strategies, but all of them check whether the details match.

2. Now that you have entered the hotel, what tasks you can perform with your rights, and what tasks you cannot, is where authorization takes place. Its role comes after you have been authenticated in the first place. With a resident's hotel card you cannot go into the kitchen and do the cooking, and you cannot go into the offices; in the online account case you cannot delete other users' accounts or change their credentials, because you do not have the authority to do so. So in simple terms, authorization permits and restricts what you can see and do based on your registered role. It is about checking whether you are a staff member: if so, you can enter the premises reserved for staff and do certain tasks (checking whether your role is admin to allow you to see admin content and perform admin tasks).
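As an added example (not from the original post), here is a small Python sketch of the two checks as separate steps: `authenticate` compares a submitted username and password against a constructed in-memory user table holding salted PBKDF2 hashes, and only then does `authorize` consult the user's role. All names, passwords and actions are hypothetical.

```python
import hashlib
import secrets
from collections import namedtuple

# role ("guest" or "admin") is consulted only by authorization, never by login.
User = namedtuple("User", "username salt password_hash role")

def hash_password(password: str, salt: bytes) -> bytes:
    """Salted PBKDF2, so the stored value is never the clear-text password."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

def create_user(username: str, password: str, role: str) -> User:
    salt = secrets.token_bytes(16)
    return User(username, salt, hash_password(password, salt), role)

# Constructed sample "database" of hotel accounts (hypothetical names and passwords).
USERS = {u.username: u for u in (
    create_user("alice", "correct horse battery staple", "admin"),
    create_user("bob", "hunter2", "guest"),
)}

# Which roles may perform which actions (the "what can this card open" rules).
PERMISSIONS = {
    "view_own_booking": {"guest", "admin"},
    "delete_other_accounts": {"admin"},
}

def authenticate(username: str, password: str):
    """Authentication: does the caller prove they are who they claim to be?"""
    user = USERS.get(username)
    # Hash even for unknown names so timing does not reveal which usernames exist.
    candidate = hash_password(password, user.salt if user else bytes(16))
    if user is None or not secrets.compare_digest(candidate, user.password_hash):
        return None
    return user

def authorize(user: User, action: str) -> bool:
    """Authorization: may this already-authenticated user perform the action?"""
    return user.role in PERMISSIONS.get(action, set())

def attempt(username: str, password: str, action: str) -> str:
    # Login first; only an authenticated user is checked against the action.
    user = authenticate(username, password)
    if user is None:
        return "declined: authentication failed"
    if not authorize(user, action):
        return "forbidden: not authorized"
    return "approved"
```

Note that a failed login and a failed permission check are reported differently: the first means the system does not know who you are, the second means it knows exactly who you are and still says no.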

Thank you for reading 😁😁😁
