From the course: ASP.NET Core Identity: Authentication Management
Authentication vs. authorization - ASP.NET Core Tutorial
From the course: ASP.NET Core Identity: Authentication Management
Authentication vs. authorization
- [Instructor] Authentication and authorization are two concepts that most people tend to confuse. Both terms are often used in conjunction with each other when it comes to security and gaining access to the system or the application. However, both these terms are quite different with completely different concepts. Authentication means confirming your own identity, but on the other end, authorization means being allowed to access the system. In even simpler terms, authentication is the process of verifying one's self, while authorization is the process of verifying that you have access to. Imagine a school as an application. In a school we have different people, usually the same like in an application that we have different users. For example, in a school we have students, and teachers, and in an application we have administrators, we have basic users, and we have managers. A school has different components, or different rooms, used for different purposes. So for example we have Principal's Office, we have teacher workrooms, and Classrooms. The same way in an application, we have different components, or features. So for example in an application, we might have an admin dashboard, we might have a user dashboard or profile, and chatrooms for example. Only the students and teachers of this school can enter this institution, because they exist in the records of the institution as teachers or students. In other words, they are authenticated to enter the building, so the school in this case, but they do not have access to all the rooms, which means that they are not authorized to have access everywhere they want. For example in a classroom, both students and teachers have access, but in a teacher workroom, only teachers have access, and to the Principal's Office, none of them has access. So this is the key difference between authentication and authorization.
Practice while you learn with exercise files
Download the files the instructor uses to teach the course. Follow along and learn by watching, listening and practicing.
Download courses and learn on the go
Watch courses on your mobile device without an internet connection. Download courses using your iOS or Android LinkedIn Learning app.