Authentication and Authorization

Auth Armor helps you authenticate and authorize your users at the same time. Authentication is not the same as Authorization.

  • Authentication
    Authentication is the act of verifying someone is who they are claiming to be.

  • Authorization
    Authorization is the act of verifying someone wants to perform an action or activity.

For example, if you want to present a login page for a user, are you doing two things.

  1. You are authenticating the user, ensuring the person is who they claim to be
  2. You are authorizing the user, ensuring the user wants to login to your app or website.

Not just for login

Auth Armor can absolutely be used for login, but it does not just stop there. You can elevate actions by asking for authorization before performing a task. For example, a bank withdraw. The user must already be logged into the account to start a withdraw. But let's say the bank has a business rule that if more than $100.00 in funds are being transferred, we need real-time authentication and authorization. Auth Armor can be used to obtain this authorization and authentication

Out of Band Authentication

Strong MFA without codes