Skip to content

Authorization

AuthZ

Easy — everyone uses thisSecurity

ELI5 — The Vibe Check

Authorization is deciding what you're allowed to do after you've proven who you are. The bouncer let you in (authentication), but now the VIP host decides if you can sit in the VIP section (authorization). You're in the building, but not everywhere in it.

Real Talk

Authorization determines what resources or actions an authenticated user is permitted to access. It typically involves roles, permissions, and access control lists (ACLs) that define what each user or group can do.

Show Me The Code

// Checking if user has permission to delete
if (!user.roles.includes('admin')) {
  throw new Error('Not authorized to delete posts');
}

When You'll Hear This

"The endpoint needs authorization — only admins should call it." / "Authorization error: you don't have permission to view this."

Related Terms

Authentication (AuthN)

Authentication is proving you are who you say you are.

beginnerSecurity

CORS (CORS)

CORS (Cross-Origin Resource Sharing) is the browser's built-in protection that prevents random websites from making API calls to your backend using the vis...

intermediateSecurity

OWASP Top 10

The OWASP Top 10 is the security industry's greatest hits of web vulnerabilities — the 10 most common, dangerous ways apps get hacked.

beginnerSecurity

Token

In AI-land, a token is a chunk of text — roughly 3/4 of a word.

beginnerVibecoding
Back to Browse Random Term

Made with passive-aggressive love by manoga.digital. Powered by Claude.