C#: What is the basic difference between Authentication and Authorization?

Answer 1

In Basic term Authentication is a process of verifying the identity of a user while authorization is process of checking whether user has a access right to the system. So authorization takes place after authentication.

U can use authentication and authorization with below example in C#

any client call the service or  you want to control who can call the service.
any client call any method of the service or you want to control what clients can call what methods
any client execute all of the code in a method or you want to control what clients can execute what code

The answers to these questions determine your use of authentication and authorization. Authentication enables you to identify clients that call the service. Authorization enables you to determine what operations authenticated clients can access. You will typically base authorization on roles.

To authorize, you first need to authenticate. To do that, you must be able to identify clients. Clients can identify themselves by providing evidence such as a Windows account, a user name / password or a certificate. Clients must also know that they are calling the service they intend to call. Services can identify themselves by providing a certificate.

Answer 2

It's a generic thing if I understood question correctly.
Authentication - It means either User is genuine or not.
Authorization - It means either a genuine user can access a particular service or not.

Answer 3

Authorization
Authorization is a process of allowing or denying resources to particular user or record

Declaration of authorization is

<authorization>
<allow users=”Suresh, Sanjay”/>
<deny users=”Ramana, Rakesh”>
</authorization>
Sometimes authorization allows the unauthorized persons at that time we will use
<deny users=”?”/>

Authentication

Authentication is a process where we identify the credentials of user i.e. username, password and create an identity to mention user as an authenticated.