For me, words authorization and authentication have been synonyms. When I thought about authorization I have used authentication and vice versa. So what is the key difference between these two words?

Authentication

Is a process of identifying yourself. It answers the question “who you are?”. It basically deals with provided credentials and proving them to check if they are valid and match with an actual user.

Authorization

Is a process of checking if you are allowed to do, what you are going to do. It answers the question “what can you do?”. The goal of authorization is to determine what things you have access to.