- Session token (Client server architecture with traditional way).
- JSON Web token (Client server architecture with JWT)
Authentication refers to the process of verifying the identity of a user or a system. It involves checking whether the user or system is who it claims to be, by verifying some credentials such as a username and password, biometric data, digital certificates, or other forms of authentication factors.
Authorization, on the other hand, refers to the process of granting or denying access to specific resources or services based on the user's authenticated identity and the user's permissions or privileges. Authorization determines whether a user has the right to perform specific actions, such as accessing files, running programs, or modifying system settings.