It is the way a resource owner grants clients access. Access to the resource is made with a key or token that lets the client use the resource it has been granted.
Authentication is always the first step to perform before letting users access services or resources. Authentication establishes the identity of the user, that is, who has the right to access the service or resource available to clients.
Therefore, those who are authenticated should be authorized to access resources. The flow of authorization and authentication is shown in the following simple diagram, which takes an API call as its example.
Figure 1.1: Authorization mode and its corresponding authentication process
Description: In the diagram above, a client makes a service request using an API key or token generated by the authorization server. The response to the call is sent to the client if and only if the API key the client uses is the same as the recorded API key; otherwise the request is declined.
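The check described above, as an added example that is not part of the original page: the authorization server issues a key and records it, and the API answers only when the presented key matches the record. The names `KEY_RECORDS`, `issue_key` and `handle_request` are hypothetical, and recording a SHA-256 digest of the key rather than the key itself is an assumption of this sketch.

```python
import hashlib
import hmac
import secrets

# Constructed in-memory record of issued keys: client_id -> SHA-256 digest of the key.
# Keeping only a digest (assumption of this example) means a leaked record
# does not directly expose usable keys.
KEY_RECORDS = {}


def _digest(api_key: str) -> bytes:
    return hashlib.sha256(api_key.encode("utf-8")).digest()


def issue_key(client_id: str) -> str:
    """Authorization-server side: generate a key, record its digest, return the key once."""
    api_key = secrets.token_urlsafe(32)
    KEY_RECORDS[client_id] = _digest(api_key)
    return api_key


def handle_request(client_id: str, presented_key) -> tuple:
    """API side: respond only if the presented key matches the recorded one."""
    recorded = KEY_RECORDS.get(client_id)
    # Unknown clients and missing keys are compared against a dummy digest
    # so every path performs the same comparison work.
    expected = recorded if recorded is not None else bytes(32)
    presented = _digest(presented_key) if isinstance(presented_key, str) else bytes(32)
    # compare_digest runs in constant time, so response timing does not
    # reveal how many leading bytes of a guess were correct.
    matches = hmac.compare_digest(presented, expected)
    if recorded is None or not isinstance(presented_key, str) or not matches:
        return 401, "declined"
    return 200, f"resource for {client_id}"


if __name__ == "__main__":
    key = issue_key("client-a")                 # constructed sample client
    print(handle_request("client-a", key))      # matching key: served
    print(handle_request("client-a", "guess"))  # wrong key: declined
    print(handle_request("client-b", key))      # no record for this client: declined
```

The declined response is identical for a wrong key, a missing key and an unknown client, so a caller cannot use it to learn which client identifiers exist.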