Authorization –

The term authorization refers to the actions of granting rights to access information, bypass security, or to control something. Authorization can be granted for computer users, computer programs, and computer hardware. This works by establishing control rules, based off an identification, that are used to decide whether or not to approve or disprove a request. Authorization rules are static, they can be created and will be used until updated, requiring no action on the part of the requester.

Authentication –

The term authentication refers to the process of confirming an identity for a computer user, a computer program, or a piece of computer hardware. This is most commonly seen as a username and password combination to log in. Authentication processes are dynamic because the authentication must be verified over and over again, at given intervals, requiring the requester to act.

Putting them Together –

The difference between the two is that authorization is the process of grating access to something based off an identity, whereas authentication is the process of ensuring that the identity is confirmed. The connection between the two authorization requires authentication in order to function properly. Authentication doesn’t require authorization, but is the motivation for someone to act.