DEV Community

Cover image for Best analogy for Authentication vs Authorization I've found so far
Ovidiu Miu
Ovidiu Miu

Posted on • Edited on

Best analogy for Authentication vs Authorization I've found so far

After some thinking and some google searches I think I've found a very good analogy for representing authentication vs authorization. I'll stick to this, seems like a good mental model.

The analogy is found here: https://www.okta.com/identity-101/authentication-vs-authorization/

It roughly goes like this:

  • You go visit your neighbor. You knock at his door.

  • He looks through the peephole, and then he recognizes you (authentication).

  • He opens the door and invites you in.

  • You talk to him and start feeling comfortable, so you go sit on the sofa. He has no problem with this (you are authorized to do this).

  • You even use his toilet (still authorized).

  • After some time you feel hungry and try to open his fridge to have a look. He stops you and says that you are not allowed to do this (not authorized). Maybe his best friend is allowed... (he might be authorized)

Top comments (0)