Authorization is a process that determines what a user is able to do. For example, an Admin user is allowed to install/remove a software from a computer and a non-Admin user can use the software from the computer. It is independent and orthogonal from authentication. However, authorization requires an authentication mechanism. For applications, the first step is always authentication and then authorization.
source https://www.c-sharpcorner.com/article/role-base-authorization-in-asp-net-core-2-1/
No comments:
Post a Comment