Being authorised is the technical term for being allowed to do something. It could be viewing a page or updating a resource with a form.

Authorisation usually occurs after users are authenticated. Once the system knows who you are, it can check what you are allowed to do.

Authorisation is used for many things in a web app. It could be used to hide pages from visitors who aren't logged in. If they try to access such a page without being logged in, they will get an error.

It could also be used to determine who can manipulate data. On a forum, there are users and moderators. Users are usually allowed to create, update, and delete their own posts and comments. But moderators can delete all posts and comments. When someone tries to delete a post, authorisation is used to determine whether that person is the post's author or a moderator.
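The forum rule above as a server-side check, written as an added example rather than code from any particular framework. The names `User`, `Post`, `can_delete` and `delete_post` are assumptions made for illustration, and the sample users and posts are constructed.

```python
from dataclasses import dataclass
from typing import Optional

class NotAuthenticated(Exception):
    """Nobody is logged in (a web app would typically answer HTTP 401)."""

class Forbidden(Exception):
    """Logged in, but not allowed to do this (typically HTTP 403)."""

@dataclass(frozen=True)
class User:
    id: int
    role: str = "user"  # "user" or "moderator"; read from the server-side account

@dataclass(frozen=True)
class Post:
    id: int
    author_id: int

def can_delete(user: User, post: Post) -> bool:
    """Deny by default: only a moderator or the post's author may delete."""
    return user.role == "moderator" or user.id == post.author_id

def delete_post(current_user: Optional[User], post_id: int, posts: dict) -> None:
    # Step 1, authentication: who is asking? None means not logged in.
    if current_user is None:
        raise NotAuthenticated("log in first")
    # Step 2, authorisation: may this user delete this particular post?
    if not can_delete(current_user, posts[post_id]):
        raise Forbidden(f"user {current_user.id} may not delete post {post_id}")
    del posts[post_id]

def demo() -> list:
    # Constructed sample data: two users, one moderator, two posts by user 1.
    author, other, mod = User(1), User(2), User(3, role="moderator")
    posts = {10: Post(10, author.id), 11: Post(11, author.id)}
    outcomes = []
    for who, pid in [(None, 10), (other, 10), (author, 10), (mod, 11)]:
        try:
            delete_post(who, pid, posts)
            outcomes.append("deleted")
        except (NotAuthenticated, Forbidden) as exc:
            outcomes.append(type(exc).__name__)
    return outcomes

if __name__ == "__main__":
    print(demo())
```

The check runs on the server for every delete request and takes the user's identity and role from the authenticated session, not from anything the browser sends along with the request.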

