I don’t think they are almost identical, they just have the same prefix. “Login” and “permission” each have the same problem: “login” is very similar to “logging”, and “permission” shares a prefix with “persistence” (or permanent). Ultimately software engineering is a broad enough field that we will necessarily have to use similar words to describe the many, many concepts
pjerem|1 year ago
What does the "auth" module ?
diego_sandoval|1 year ago
lsaferite|1 year ago
bigyikes|1 year ago
“Permission” and “persistence” have the same prefix but entirely different semantics. They also occur more commonly in everyday life.
AuthN and AuthZ are similar in in spelling, appear in similar contexts, and are less colloquial, making the distinction a lot less clear.
There’s a reason many junior devs use them interchangeably without knowing better.
mepiethree|1 year ago
I think the reason junior devs get them confused is that many junior devs are never taught anything about either in school. But then you just tell the junior dev that they mean different things and in my experience they only need to be told that once.
Ultimately I think it’s fine to use vocabulary.
croes|1 year ago
coldtea|1 year ago
As a dev you're either building or hooking up to either or both of them. And you know what each requires you to build / hook up to.
As a user, you just care "I put my login/password/api key here, and I get the capability to do several things in that webpage/service/etc". Both auth and the other auth are handed for you.
numpad0|1 year ago
Hence the confusion and ambiguous shorthand "auth". You auth and gets everything. You fail to auth and you don't have access. That covers ~80% of any authentication-authorization-accounting systems use cases, and that allows people to be care-free about differences.