Authentication and authorization are two steps that decide who you are and what you can do in a system

How it works

Authentication comes first: the system checks your identity, usually with a username and password, or maybe a fingerprint. Once you're recognized, authorization happens: the system checks your permissions and decides what parts you can access or what actions you can take.

Analogy

Think of an office building. At the entrance, the security guard asks for your badge to confirm who you are - that's authentication. Then, once inside, maybe your badge only opens certain doors, like your own department but not the manager's office - that's authorization.