Identity and Access Management - Authorization (AuthZ)


After a user has been authenticated, the next critical aspect of security is ensuring that the user can do and see what they are authorized to do and see.

Authorization is the process of validating what an authenticated user can access (abbreviated as AuthZ).

It's abbreviated as AuthZ for authorization, versus AuthN for authentication.

This is done generally by:

  • assigning groups to the user.
  • looking at tokens with custom logic, predefined rules, or signed requests with policies.

Authorization is the process of granting a user (authenticated or not) access to a resource in accordance with their assigned privileges.

Authorization is a broad term for controlling access to resources based on user privileges.
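The two mechanisms listed above (group assignment and token rules) and the "authenticated or not" case can be combined into one default-deny decision. This is an added example, not code from the original page; the group names, users, grants, signing key and token format are all constructed for illustration.

```python
import base64, hashlib, hmac, json

KEY = b"constructed-demo-key"  # constructed placeholder, not a real secret
USER_GROUPS = {"alice": {"staff"}, "bob": {"staff", "admins"}}  # constructed
GROUP_GRANTS = {  # group -> set of (action, resource) pairs it may perform
    "anonymous": {("read", "public-docs")},
    "staff": {("read", "reports")},
    "admins": {("write", "reports")},
}

def issue_token(sub, scope):
    """Return 'payload.signature' with an HMAC-SHA256 signature over the claims."""
    claims = json.dumps({"sub": sub, "scope": scope}).encode()
    payload = base64.urlsafe_b64encode(claims)
    sig = hmac.new(KEY, payload, hashlib.sha256).hexdigest()
    return payload.decode() + "." + sig

def read_claims(token):
    """Return the claims if the signature verifies, otherwise None."""
    payload, _, sig = token.partition(".")
    expected = hmac.new(KEY, payload.encode(), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(sig.encode(), expected.encode()):
        return None
    return json.loads(base64.urlsafe_b64decode(payload))

def is_authorized(token, action, resource):
    """Default deny: allow only if a group grant and the token rule both permit it."""
    groups = {"anonymous"}  # applies to every caller, authenticated or not
    if token is not None:
        claims = read_claims(token)
        if claims is None:
            return False  # tampered or unsigned token: deny outright
        if action not in claims["scope"]:
            return False  # predefined rule: token scope must cover the action
        groups |= USER_GROUPS.get(claims["sub"], set())
    return any((action, resource) in GROUP_GRANTS.get(g, set()) for g in groups)
```

A token scope can only narrow what the user's groups already grant, so a member of admins holding a read-only token is still refused a write.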

User Account Control (UAC)

UAC limits application software to standard user privileges until an administrator authorizes an increase or elevation. See also: User space.
