{"id":1367,"date":"2024-02-19T20:21:36","date_gmt":"2024-02-19T16:21:36","guid":{"rendered":"https:\/\/155.212.171.134\/?p=1367"},"modified":"2024-02-22T17:56:39","modified_gmt":"2024-02-22T13:56:39","slug":"understanding-the-difference-authentication-vs-authorization","status":"publish","type":"post","link":"https:\/\/tareev.studio\/ru\/understanding-the-difference-authentication-vs-authorization\/","title":{"rendered":"Understanding the Difference: Authentication vs Authorization"},"content":{"rendered":"<p><strong>Authentication<\/strong> and <strong>authorization<\/strong> are fundamentally different concepts.<\/p><p><strong>Authentication<\/strong> is the process of verifying that a user is who they claim to be.<\/p><p>When we log into our account and input our username and password, that&#8217;s <strong>authentication<\/strong>. 
The entered data is authenticated by comparing it with what&#8217;s stored in the database.<\/p><p><strong>Authorization<\/strong>, on the other hand, is about access, determining which users can access specific resources within a network.<\/p><h2 class=\"wp-block-heading\"><strong>Key Differences<\/strong><\/h2><p><strong>Authentication<\/strong><\/p><ul class=\"wp-block-list\"><li>Determines whether the user is who they claim to be.<\/li>\n\n<li>Requires users to verify their credentials using the established mechanism.<\/li><\/ul><p><strong>Authorization<\/strong><\/p><ul class=\"wp-block-list\"><li>Based on predefined rules, determines whether users are allowed or denied access.<\/li>\n\n<li>Checks whether access is permitted according to policies and security rules.<\/li><\/ul><figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"465\" src=\"https:\/\/155.212.171.134\/wp-content\/uploads\/2024\/02\/authentication-vs-authorization1-1024x465.webp\" alt=\"Authentication vs Authorization\" class=\"wp-image-1370\" srcset=\"https:\/\/tareev.studio\/wp-content\/uploads\/2024\/02\/authentication-vs-authorization1-1024x465.webp 1024w, https:\/\/tareev.studio\/wp-content\/uploads\/2024\/02\/authentication-vs-authorization1-300x136.webp 300w, https:\/\/tareev.studio\/wp-content\/uploads\/2024\/02\/authentication-vs-authorization1-768x349.webp 768w, https:\/\/tareev.studio\/wp-content\/uploads\/2024\/02\/authentication-vs-authorization1-1536x698.webp 1536w, https:\/\/tareev.studio\/wp-content\/uploads\/2024\/02\/authentication-vs-authorization1-2048x930.webp 2048w, https:\/\/tareev.studio\/wp-content\/uploads\/2024\/02\/authentication-vs-authorization1-scaled.webp 2000w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><figcaption class=\"wp-element-caption\">Authentication vs Authorization<\/figcaption><\/figure><h2 class=\"wp-block-heading\"><strong>Frequently Used Authentication 
Mechanisms<\/strong><\/h2><p><strong>Single-factor Authentication (SFA)<\/strong> \u2013 a method where the application performs a simple check of the username and password. The application matches the user&#8217;s credentials with the password associated with that username.<\/p><figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"443\" height=\"543\" src=\"https:\/\/155.212.171.134\/wp-content\/uploads\/2024\/02\/image-7.webp\" alt=\"Single-factor Authentication (SFA)\" class=\"wp-image-1371\" srcset=\"https:\/\/tareev.studio\/wp-content\/uploads\/2024\/02\/image-7.webp 443w, https:\/\/tareev.studio\/wp-content\/uploads\/2024\/02\/image-7-245x300.webp 245w\" sizes=\"auto, (max-width: 443px) 100vw, 443px\" \/><figcaption class=\"wp-element-caption\">Single-factor Authentication (SFA)<\/figcaption><\/figure><p><strong>Federated Identity Management (FIM)<\/strong> \u2013 an agreement that can be made between multiple companies allowing participants to use the same identification credentials to access all companies within the group. This approach is known as &#8216;federated authentication.&#8217;<\/p><p><strong>Multi-factor Authentication (MFA)<\/strong> \u2013 requires users to provide multiple proofs to confirm their claimed identity. 
Users may complete the authentication process using a combination of any two or all of the following methods:<\/p><p>a) Authentication from their own device.<\/p><figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"800\" height=\"600\" src=\"https:\/\/155.212.171.134\/wp-content\/uploads\/2024\/02\/image-8.webp\" alt=\"Authentication from their own device\" class=\"wp-image-1372\" srcset=\"https:\/\/tareev.studio\/wp-content\/uploads\/2024\/02\/image-8.webp 800w, https:\/\/tareev.studio\/wp-content\/uploads\/2024\/02\/image-8-300x225.webp 300w, https:\/\/tareev.studio\/wp-content\/uploads\/2024\/02\/image-8-768x576.webp 768w\" sizes=\"auto, (max-width: 800px) 100vw, 800px\" \/><figcaption class=\"wp-element-caption\">Authentication from their own device<\/figcaption><\/figure><p>b) Biometric methods such as fingerprint or iris scanning.<\/p><figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"683\" src=\"https:\/\/155.212.171.134\/wp-content\/uploads\/2024\/02\/image-9-1024x683.webp\" alt=\"Biometric methods such as fingerprint or iris scanning\" class=\"wp-image-1373\" srcset=\"https:\/\/tareev.studio\/wp-content\/uploads\/2024\/02\/image-9-1024x683.webp 1024w, https:\/\/tareev.studio\/wp-content\/uploads\/2024\/02\/image-9-300x200.webp 300w, https:\/\/tareev.studio\/wp-content\/uploads\/2024\/02\/image-9-768x512.webp 768w, https:\/\/tareev.studio\/wp-content\/uploads\/2024\/02\/image-9.webp 1500w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><figcaption class=\"wp-element-caption\">Biometric methods such as fingerprint or iris scanning<\/figcaption><\/figure><p>c) User credentials, commonly referred to as &#8216;creds.&#8217;<\/p><h2 class=\"wp-block-heading\">Now, let&#8217;s talk about <strong>Authorization<\/strong>.<\/h2><p><strong>Authorization<\/strong> involves granting access to system resources based on a specific set of rules. 
At this stage, the user must already be identified and authenticated.<\/p><p>The authorization mechanism allows security system administrators to specify user access rights and privileges. Access rights determine what a user can access, usually depending on their role.<\/p><p>Roles are associated with a category or group of users performing the same set of business functions. One user may have multiple roles.<\/p><figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"502\" height=\"340\" src=\"https:\/\/155.212.171.134\/wp-content\/uploads\/2024\/02\/image-10.webp\" alt=\"Access denied\" class=\"wp-image-1374\" srcset=\"https:\/\/tareev.studio\/wp-content\/uploads\/2024\/02\/image-10.webp 502w, https:\/\/tareev.studio\/wp-content\/uploads\/2024\/02\/image-10-300x203.webp 300w\" sizes=\"auto, (max-width: 502px) 100vw, 502px\" \/><figcaption class=\"wp-element-caption\">Access denied<\/figcaption><\/figure><p>Let&#8217;s address how an authorization error might occur. For example, we try to access our account, but the system denies access. It&#8217;s likely because we entered the wrong username or password. We failed authentication, and the authorization request was denied because the system didn&#8217;t recognize us.<\/p><p>While these concepts are different, they are interconnected. That&#8217;s all for today. What concepts do you struggle with or mix up? 
Share in the comments below!<\/p>","protected":false},"excerpt":{"rendered":"<p>As QA engineers, it&#8217;s essential to understand the difference between authentication and authorization to ensure the security and functionality of applications.<\/p>","protected":false},"author":4,"featured_media":1368,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"inline_featured_image":false,"footnotes":""},"categories":[73,27],"tags":[82,83,87,84,86],"class_list":["post-1367","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-quality-assurance","category-tech","tag-qa","tag-quality-assurance","tag-software","tag-testing","tag-testing-theory"],"acf":[],"_links":{"self":[{"href":"https:\/\/tareev.studio\/ru\/wp-json\/wp\/v2\/posts\/1367","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/tareev.studio\/ru\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/tareev.studio\/ru\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/tareev.studio\/ru\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/tareev.studio\/ru\/wp-json\/wp\/v2\/comments?post=1367"}],"version-history":[{"count":3,"href":"https:\/\/tareev.studio\/ru\/wp-json\/wp\/v2\/posts\/1367\/revisions"}],"predecessor-version":[{"id":1377,"href":"https:\/\/tareev.studio\/ru\/wp-json\/wp\/v2\/posts\/1367\/revisions\/1377"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/tareev.studio\/ru\/wp-json\/wp\/v2\/media\/1368"}],"wp:attachment":[{"href":"https:\/\/tareev.studio\/ru\/wp-json\/wp\/v2\/media?parent=1367"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/tareev.studio\/ru\/wp-json\/wp\/v2\/categories?post=1367"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/tareev.studio\/ru\/wp-json\/wp\/v2\/tags?post=1367"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}