Authorization is the process of allowing an authenticated users to access the resources by checking whether the user has access rights to the system. Authorization helps you to control access rights by granting or denying specific permissions to an authenticated user.
For example, students of a particular university are required to authenticate themselves before accessing the student link of the university’s official website. This is called authentication.
On the other hand, Authorization determines exactly what information the students are authorized to access on the university website after successful authentication.