
Authentication and authorization are two very commonly used terms in the context of software access, with a subtle difference between them. Authentication means establishing who a user is before letting them in; it can be as simple as a username-password login. When you log in to your Facebook account, you are authenticated into it. Authorization, however, has more to do with privileges: there are varying degrees of authorization that a user can have. For example, as a Facebook user you are authorized to delete your own comment, but you are not authorized to delete someone else's comment.

Let's take the simple analogy of me going to the office every day. Because I have my company ID card, I am authenticated (and simultaneously authorized) to enter the office building. However, I am not authorized to enter the kitchen, because I don't have the role and the privileges of the catering staff.
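
The two checks from the comment and office analogies above can be kept as separate steps in code. This is an added example, not part of the original post; the users, passwords, roles, comments and function names are all constructed for illustration.

```python
import hashlib
import hmac
import os

def _hash(password, salt):
    # Salted, slow password hash (PBKDF2-HMAC-SHA256 from the standard library).
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 200_000)

def _make_user(password, roles):
    salt = os.urandom(16)
    return {"salt": salt, "hash": _hash(password, salt), "roles": set(roles)}

# Constructed sample data.
USERS = {
    "alice": _make_user("correct horse", {"employee"}),
    "bob": _make_user("battery staple", {"employee", "catering"}),
}
_DUMMY = _make_user(os.urandom(16).hex(), ())  # hashed against for unknown users
COMMENTS = {1: {"owner": "alice"}, 2: {"owner": "bob"}}
ROOM_ROLES = {"office": "employee", "kitchen": "catering"}

def authenticate(username, password):
    """Authentication: who are you? Returns the username, or None."""
    user = USERS.get(username, _DUMMY)
    ok = hmac.compare_digest(_hash(password, user["salt"]), user["hash"])
    return username if ok and username in USERS else None

def can_delete_comment(principal, comment_id):
    """Authorization by ownership: only the author may delete a comment."""
    comment = COMMENTS.get(comment_id)
    return comment is not None and comment["owner"] == principal

def can_enter(principal, room):
    """Authorization by role: each room requires one specific role."""
    required = ROOM_ROLES.get(room)
    return required is not None and required in USERS[principal]["roles"]

def delete_comment(username, password, comment_id):
    """HTTP-style result: 401 = not authenticated, 403 = not authorized."""
    principal = authenticate(username, password)
    if principal is None:
        return 401
    if not can_delete_comment(principal, comment_id):
        return 403
    del COMMENTS[comment_id]
    return 204
```

A valid login only gets the caller past the 401 branch; the ownership or role check still runs on every action, which is why alice can delete comment 1 but gets 403 on comment 2.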