The terms authentication and authorization are used in conjunction with each other. However, these terms are distinct:

• Authentication is the method of confirming a user's identity: This involves using credentials, such as username/password, to verify the identity. The system checks whether a user is using the correct credentials. 
• Authorization is the process of verifying a user has access to a system: This occurs after the successful verification of identity. Authorization involves verifying the user's rights, permission, and access level. This is to say, it is the process of verifying whether an authenticated user has access to a particular resource.