
Authorization (sometimes abbreviated as AuthZ) is used to set permissions that enable evaluation of access to resources or functionality. In contrast, authentication (sometimes abbreviated as AuthN) is focused on proving that an entity like a user or service is indeed who they claim to be.

Authorization can include specifying the functionality, resources, or data an entity is allowed to access. Authorization also specifies what can be done with the data. This authorization action is often referred to as access control.

Authentication and authorization are concepts that aren't limited to only users. Services or daemon applications are often built to make requests for resources as themselves rather than on behalf of a specific user. In this article, the term "entity" is used to refer to either a user or an application.

There are several common approaches to handle authorization. Role-based access control is currently the most common approach using Microsoft identity platform.

Possibly the simplest form of authorization is to grant or deny access based on whether the entity making a request has been authenticated. If the requestor can prove they're who they claim to be, they can access the protected resources or functionality.
