Authorization
Authorization works right after authentication, in order to grant access and permissions to an identity requesting access to IT resources. The most common authorization protocol is OAuth, now in OAuth 2.0 version. At least one and a resource owner are involved in the authorization process. Authorization works by having an authorization server assign access tokens to clients. This is a string which includes a scope, a lifetime and other attributes.
