{"id":40480,"date":"2021-05-13T09:03:20","date_gmt":"2021-05-13T09:03:20","guid":{"rendered":"https:\/\/www.testpreptraining.com\/tutorial\/?page_id=40480"},"modified":"2021-05-13T09:03:21","modified_gmt":"2021-05-13T09:03:21","slug":"explain-the-difference-authentication-vs-authorization","status":"publish","type":"page","link":"https:\/\/www.testpreptraining.ai\/tutorial\/explain-the-difference-authentication-vs-authorization\/","title":{"rendered":"Explain the difference: Authentication vs. Authorization"},"content":{"rendered":"\n<p><strong><a href=\"https:\/\/www.testpreptraining.ai\/tutorial\/exam-sc-900-microsoft-security-compliance-and-identity-fundamentals\/\" target=\"_blank\" rel=\"noreferrer noopener\">Go back to Tutorial<\/a><\/strong><\/p>\n\n\n\n<p>In this tutorial, we will learn about authentication and authorization. We will understand how to use the Microsoft identity platform for authenticating and authorizing users in your web apps, web APIs, or apps that call protected web APIs. <\/p>\n\n\n\n<h4 class=\"wp-block-heading\"><strong>Authentication<\/strong><\/h4>\n\n\n\n<p>Authentication or AuthN refers to the process of proving that you are who you say you are. The Microsoft identity platform uses the OpenID Connect protocol for handling authentication.<\/p>\n\n\n\n<h4 class=\"wp-block-heading\"><strong>Authorization<\/strong><\/h4>\n\n\n\n<p>Authorization is the act of granting an authenticated party permission to do something. However, it specifies the data access and what you can do with that data. It sometimes shortened to AuthZ. The Microsoft identity platform uses the OAuth 2.0 protocol for handling authorization.<\/p>\n\n\n\n<h4 class=\"wp-block-heading\"><strong>Authentication and authorization using the Microsoft identity platform<\/strong><\/h4>\n\n\n\n<p>Creating apps that each maintain their own username and password information incurs a high administrative burden when adding or removing users across multiple apps. <\/p>\n\n\n\n<div class=\"wp-block-image\"><figure class=\"aligncenter\"><a href=\"https:\/\/www.testpreptraining.ai\/exam-sc-900-microsoft-security-compliance-identity-fundamentals-free-practice-test\" target=\"_blank\" rel=\"noopener\"><img decoding=\"async\" src=\"https:\/\/www.testpreptraining.ai\/tutorial\/wp-content\/uploads\/2021\/05\/sc-900-tests.png\" alt=\"Practice tests\"\/><\/a><\/figure><\/div>\n\n\n\n<p>Further, Azure Active Directory (Azure AD) is a centralized identity provider in the cloud. Delegating authentication and authorization to it enables scenarios such as:<\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>Firstly, conditional Access policies for needing a user to be in a specific location.<\/li><li>Secondly, the use of multi-factor authentication or two-factor authentication or 2FA.<\/li><li>Lastly, enabling a user to sign in once and then be automatically signed in to all of the web apps that share the same centralized directory. This capability is known as single sign-on (SSO).<\/li><\/ul>\n\n\n\n<p>However, the Microsoft identity platform simplifies authorization and authentication for application developers by providing identity as a service. It supports industry-standard protocols and open-source libraries for different platforms for helping you start coding quickly. Further, it allows developers for building applications that,<\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>Firstly, sign in all Microsoft identities<\/li><li>Secondly, get tokens to call Microsoft Graph<\/li><li>Thirdly, access Microsoft APIs<\/li><li>Lastly, access other APIs that developers have built.<\/li><\/ul>\n\n\n\n<h6 class=\"wp-block-heading\"><strong>Comparisons of Protocol<\/strong><\/h6>\n\n\n\n<p>Here&#8217;s a comparison of the protocols that the Microsoft identity platform uses:<\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>Firstly, <strong>OAuth versus OpenID Connect<\/strong>. The platform uses OAuth for authorization and OpenID Connect (OIDC) for authentication. However, OpenID Connect is built on top of OAuth 2.0, so the terminology and flow are similar between the two. You can even both authenticate a user (through OpenID Connect) and get authorization to access a protected resource that the user owns (through OAuth 2.0) in one request. <\/li><li>Secondly, <strong>OAuth versus SAML<\/strong>. The platform uses OAuth 2.0 for authorization and SAML for authentication. <\/li><li>Lastly, <strong>OpenID Connect versus SAML<\/strong>. The platform uses both OpenID Connect and SAML to authenticate a user and enable single sign-on. You can use SAML authentication with identity providers like Active Directory Federation Services (AD FS) federated to Azure AD. On the other hand, you can use OpenID Connect for apps that are purely in the cloud, like mobile apps, websites, and web APIs.<\/li><\/ul>\n\n\n\n<div class=\"wp-block-image\"><figure class=\"aligncenter\"><a href=\"https:\/\/www.testpreptraining.ai\/exam-sc-900-microsoft-security-compliance-identity-fundamentals-practice-exam\" target=\"_blank\" rel=\"noopener\"><img decoding=\"async\" src=\"https:\/\/www.testpreptraining.ai\/tutorial\/wp-content\/uploads\/2021\/05\/sc-900-course.png\" alt=\"sc-900 online course Authentication vs. Authorization\"\/><\/a><\/figure><\/div>\n\n\n\n<p><strong>Reference:<\/strong> <a href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/active-directory\/develop\/authentication-vs-authorization\" target=\"_blank\" rel=\"noreferrer noopener\">Microsoft Documentation<\/a><\/p>\n\n\n\n<p><strong><a href=\"https:\/\/www.testpreptraining.ai\/tutorial\/exam-sc-900-microsoft-security-compliance-and-identity-fundamentals\/\" target=\"_blank\" rel=\"noreferrer noopener\">Go back to Tutorial<\/a><\/strong><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Go back to Tutorial In this tutorial, we will learn about authentication and authorization. We will understand how to use the Microsoft identity platform for authenticating and authorizing users in your web apps, web APIs, or apps that call protected web APIs. Authentication Authentication or AuthN refers to the process of proving that you are&#8230;<\/p>\n","protected":false},"author":2,"featured_media":0,"parent":0,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"","meta":{"_acf_changed":false,"footnotes":""},"categories":[],"tags":[],"class_list":["post-40480","page","type-page","status-publish","hentry"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v22.1 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Explain the difference: Authentication vs. Authorization - Testprep Training<\/title>\n<meta name=\"description\" content=\"Upgrade your knowledge by learning the process of Authentication and Authorization. Prepare and pass the Microsoft SC-900 Exam Now!\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.testpreptraining.ai\/tutorial\/explain-the-difference-authentication-vs-authorization\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Explain the difference: Authentication vs. Authorization - Testprep Training\" \/>\n<meta property=\"og:description\" content=\"Upgrade your knowledge by learning the process of Authentication and Authorization. Prepare and pass the Microsoft SC-900 Exam Now!\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.testpreptraining.ai\/tutorial\/explain-the-difference-authentication-vs-authorization\/\" \/>\n<meta property=\"og:site_name\" content=\"Testprep Training Tutorials\" \/>\n<meta property=\"article:modified_time\" content=\"2021-05-13T09:03:21+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.testpreptraining.ai\/tutorial\/wp-content\/uploads\/2021\/05\/sc-900-tests.png\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data1\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.testpreptraining.ai\/tutorial\/explain-the-difference-authentication-vs-authorization\/\",\"url\":\"https:\/\/www.testpreptraining.ai\/tutorial\/explain-the-difference-authentication-vs-authorization\/\",\"name\":\"Explain the difference: Authentication vs. Authorization - Testprep Training\",\"isPartOf\":{\"@id\":\"https:\/\/www.testpreptraining.ai\/tutorial\/#website\"},\"datePublished\":\"2021-05-13T09:03:20+00:00\",\"dateModified\":\"2021-05-13T09:03:21+00:00\",\"description\":\"Upgrade your knowledge by learning the process of Authentication and Authorization. Prepare and pass the Microsoft SC-900 Exam Now!\",\"breadcrumb\":{\"@id\":\"https:\/\/www.testpreptraining.ai\/tutorial\/explain-the-difference-authentication-vs-authorization\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.testpreptraining.ai\/tutorial\/explain-the-difference-authentication-vs-authorization\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.testpreptraining.ai\/tutorial\/explain-the-difference-authentication-vs-authorization\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.testpreptraining.ai\/tutorial\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Explain the difference: Authentication vs. Authorization\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.testpreptraining.ai\/tutorial\/#website\",\"url\":\"https:\/\/www.testpreptraining.ai\/tutorial\/\",\"name\":\"Testprep Training Tutorials\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\/\/www.testpreptraining.ai\/tutorial\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.testpreptraining.ai\/tutorial\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.testpreptraining.ai\/tutorial\/#organization\",\"name\":\"Testprep Training\",\"url\":\"https:\/\/www.testpreptraining.ai\/tutorial\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.testpreptraining.ai\/tutorial\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.testpreptraining.com\/tutorial\/wp-content\/uploads\/2020\/07\/tpt-logo-6.png\",\"contentUrl\":\"https:\/\/www.testpreptraining.com\/tutorial\/wp-content\/uploads\/2020\/07\/tpt-logo-6.png\",\"width\":583,\"height\":153,\"caption\":\"Testprep Training\"},\"image\":{\"@id\":\"https:\/\/www.testpreptraining.ai\/tutorial\/#\/schema\/logo\/image\/\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Explain the difference: Authentication vs. Authorization - Testprep Training","description":"Upgrade your knowledge by learning the process of Authentication and Authorization. Prepare and pass the Microsoft SC-900 Exam Now!","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.testpreptraining.ai\/tutorial\/explain-the-difference-authentication-vs-authorization\/","og_locale":"en_US","og_type":"article","og_title":"Explain the difference: Authentication vs. Authorization - Testprep Training","og_description":"Upgrade your knowledge by learning the process of Authentication and Authorization. Prepare and pass the Microsoft SC-900 Exam Now!","og_url":"https:\/\/www.testpreptraining.ai\/tutorial\/explain-the-difference-authentication-vs-authorization\/","og_site_name":"Testprep Training Tutorials","article_modified_time":"2021-05-13T09:03:21+00:00","og_image":[{"url":"https:\/\/www.testpreptraining.ai\/tutorial\/wp-content\/uploads\/2021\/05\/sc-900-tests.png"}],"twitter_card":"summary_large_image","twitter_misc":{"Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/www.testpreptraining.ai\/tutorial\/explain-the-difference-authentication-vs-authorization\/","url":"https:\/\/www.testpreptraining.ai\/tutorial\/explain-the-difference-authentication-vs-authorization\/","name":"Explain the difference: Authentication vs. Authorization - Testprep Training","isPartOf":{"@id":"https:\/\/www.testpreptraining.ai\/tutorial\/#website"},"datePublished":"2021-05-13T09:03:20+00:00","dateModified":"2021-05-13T09:03:21+00:00","description":"Upgrade your knowledge by learning the process of Authentication and Authorization. Prepare and pass the Microsoft SC-900 Exam Now!","breadcrumb":{"@id":"https:\/\/www.testpreptraining.ai\/tutorial\/explain-the-difference-authentication-vs-authorization\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.testpreptraining.ai\/tutorial\/explain-the-difference-authentication-vs-authorization\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.testpreptraining.ai\/tutorial\/explain-the-difference-authentication-vs-authorization\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.testpreptraining.ai\/tutorial\/"},{"@type":"ListItem","position":2,"name":"Explain the difference: Authentication vs. Authorization"}]},{"@type":"WebSite","@id":"https:\/\/www.testpreptraining.ai\/tutorial\/#website","url":"https:\/\/www.testpreptraining.ai\/tutorial\/","name":"Testprep Training Tutorials","description":"","publisher":{"@id":"https:\/\/www.testpreptraining.ai\/tutorial\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.testpreptraining.ai\/tutorial\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.testpreptraining.ai\/tutorial\/#organization","name":"Testprep Training","url":"https:\/\/www.testpreptraining.ai\/tutorial\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.testpreptraining.ai\/tutorial\/#\/schema\/logo\/image\/","url":"https:\/\/www.testpreptraining.com\/tutorial\/wp-content\/uploads\/2020\/07\/tpt-logo-6.png","contentUrl":"https:\/\/www.testpreptraining.com\/tutorial\/wp-content\/uploads\/2020\/07\/tpt-logo-6.png","width":583,"height":153,"caption":"Testprep Training"},"image":{"@id":"https:\/\/www.testpreptraining.ai\/tutorial\/#\/schema\/logo\/image\/"}}]}},"_links":{"self":[{"href":"https:\/\/www.testpreptraining.ai\/tutorial\/wp-json\/wp\/v2\/pages\/40480","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.testpreptraining.ai\/tutorial\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/www.testpreptraining.ai\/tutorial\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/www.testpreptraining.ai\/tutorial\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.testpreptraining.ai\/tutorial\/wp-json\/wp\/v2\/comments?post=40480"}],"version-history":[{"count":7,"href":"https:\/\/www.testpreptraining.ai\/tutorial\/wp-json\/wp\/v2\/pages\/40480\/revisions"}],"predecessor-version":[{"id":40586,"href":"https:\/\/www.testpreptraining.ai\/tutorial\/wp-json\/wp\/v2\/pages\/40480\/revisions\/40586"}],"wp:attachment":[{"href":"https:\/\/www.testpreptraining.ai\/tutorial\/wp-json\/wp\/v2\/media?parent=40480"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.testpreptraining.ai\/tutorial\/wp-json\/wp\/v2\/categories?post=40480"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.testpreptraining.ai\/tutorial\/wp-json\/wp\/v2\/tags?post=40480"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}