Authentication vs. Authorization

Authentication is about identifying (that is, establishing the identity of a user) — when you request authentication, you verify specific credentials. Authorization is about authorizing (that is, justifying the level of access granted to an authenticated user) — when you request authorization, you verify specific permissions.

Tip

When talking about authentication, pay attention to prepositions. Since an entity (for example, a user) authenticates somewhere (for example, to a host) using some authentication information (for example, with specific credentials), the correct prepositions are to and with. For example, The user must authenticate to the host with Active Directory credentials.

However, in some cases, you can also use the preposition against — it basically has the same meaning as to but implies that some entries are compared to each other as part of the authentication process. For example, Specify credentials that Veeam Backup & Replication will use to authenticate against the iSCSI Target Server.

Examples

Veeam Backup & Replication uses IP address authorization to restrict access to the vPower NFS server.
The request body must contain credentials of an account with the Orchestrator Administrator or Plan Author privileges. To learn how to authorize your access, see Example Requests and Responses.
In the Authentication section, select an authentication mode to connect to the Microsoft SQL Server instance: either Windows Authentication or SQL Server Authentication. If you select the Microsoft SQL Server authentication mode, specify credentials of a user account that you want to use.
Local accounts do not support Kerberos authentication. To authenticate to a Microsoft Windows guest OS using Kerberos, specify an Active Directory account.