Bummer! This is just a preview. You need to be signed in with a Basic account to view the entire video.
Authentication vs Authorization1:46 with Alena Holligan
Introduction to authentication and explaining the difference between authentication and authorization as this is something that many people confuse.
HTTP Status codes also help you show if a user is unauthenticated or unauthorized. These come from using 401 Unauthorized and 403 Forbidden HTTP Status codes, however, they are a little misleading. 401 Unauthorized actually means the user is not authenticated while 403 Forbidden means the user is not authorized to perform the action they are trying to do.
Understanding 403 Forbidden
Course: HTTP Basics
The difference between authentication and
authorization can be a little confusing when you're starting out.
Authentication is the process of identifying who you are.
There are many ways to authenticate yourself, and not only on the web.
Since this course is about user authentication with PHP,
the most common authentication is a username and password.
But you're around authentication all the time.
If you want to travel on an airplane, you'll be required to identify
who you are in the form of a passport or other accepted identification.
This is a different, non-web form of authentication.
Authorization is the process of verifying that you have
access to do what you're trying to do.
When authorizing a user with PHP, this could mean
allowing an authenticated user access to an administrative dashboard.
Let's take a look at this in a little different way.
You are the tenant of an apartment building with nine other people.
In order to authenticate yourself to show that you are allowed into the building,
you are given a key card.
This key card identifies who you are and allows you into the main building.
This is the authentication part of the system.
Now that you have been authenticated yourself and
are in the building, you are presented with ten doors.
Your key card only allows you into a single door, your apartment.
This is the authorization part.
You are authorized to enter only one of the ten doors.
Hopefully now you're able to see the difference between authentication and
You need to sign up for Treehouse in order to download course files.Sign up