Is there any difference between authorization and authentication? The majority of computer users perceive these terms as synonyms: the process of logging in to a computer system providing credentials (for example, entering to your e-mail or social network page, etc.). However, these processes are different and just seem to be identical because they always go together.
So, authentication is a familiar act of logging in to the closed system, the process of identification of the user. Authorization comes after authentication. This is a process of providing a user with permissions to perform actions in the system.
For instance, to pass the checkpoint you have to provide a document to support your identity (this is what authentication is similar to), and then you are told where you are allowed to go and what actions you can perform (this is similar to authorization).
Obviously, authorization cannot go without authentication, and vice versa. That is why so many people tend to believe this is one and the same thing.