To correctly manage the security of your companies data it is very important to understand the difference between authentication and authorization.

Both the terms are often used in conjunction with each other in terms of security, especially when it comes to gaining access to the system. Both are very crucial topics often associated with the web as key pieces of its service infrastructure. However, both the terms are very different with totally different concepts. While it’s true that they are often used in the same context with the same tool, they are completely distinct from each other.

Authentication means confirming your own identity, while authorization means granting access to the system. In simple terms, authentication is the process of verifying who you are, while authorization is the process of granting permission to cloudHQ to access your cloud accounts (copy files, restore emails, etc.) on your behalf.

Authentication

Authentication is about validating your credentials like User Name/User ID and password to verify your identity. We use the OpenID Connect protocol for that. You can manage your authentication by clicking on My Account link in the upper right corner.

Authorization

Authorization, on the other hand, occurs after your identity is successfully authenticated by cloudHQ. Then you can give permission to cloudHQ to access the resources such as files, emails. This is handled with the OAuth2 protocol. In simple terms, authorization gives our system the ability to access your data in the cloud. So you need to authorize access of Box and Google Drive as admin@. The authorizations are done under the Cloud Accounts tab.