SharePoint: Access Issues | Authentication vs. Authorization

/ Charles

SharePoint access issues are sometimes tricky. Simplifying things though, access issues ultimately fall into two categories: authentication or authorization.

Authentication asks a very simple question. Are they permitted/ allowed to access the content? If yes, then they can open SharePoint. Otherwise, they get an access denied screen.

Figure 1 - Account authorized option #1.
Figure 1 – Account not authorized, but able to request access.
Figure 2 - Account not authorized option #2.
Figure 2 – Account not authorized and not permitted to request access.

Authorization asks the other simple question. What actions are they permitted/ allowed to do? At minimum, authenticated people can view the content, but can they modify? Can they delete? Can they create?

Figure 3 – Account authorization permission levels.

An example of authorization is being able to read a PDF, but not modify, indicated by a pencil icon with a line through it.

Figure 4 - Account authorized for read, not modify.
Figure 4 – Account authorized for read, not modify.

Conclusion:
If someone is authenticated, then they’re allowed to access resources. If someone is authorized, then they’re allowed to perform actions.

“Of all forms of slavery there is none that is so harmful and degrading as that form of slavery which tempts one human being to hate another by reason of his race or color. One man cannot hold another man down in the ditch without remaining down in the ditch with him.”

Booker T. Washington

#BlackLivesMatter

Leave a comment