Definition
Authorization is a basic security concept that decides which actions a user, wallet, or application is permitted to perform after their identity has been confirmed. It is separate from authentication, which focuses on proving who someone or something is. In blockchain and crypto systems, authorization often controls whether a given address, key, or account may read data, submit transactions, or manage specific resources. It acts as a rule layer that limits access based on predefined permissions or roles.
As a security primitive, authorization typically relies on access control rules that map identities to allowed operations. These rules can be simple, such as granting a single wallet permission to move certain tokens, or more complex, such as role-based policies in smart contract systems. The outcome of authorization is a clear decision: whether an attempted action is allowed or denied under the current security policy.
In Simple Terms
Authorization is about deciding what someone is allowed to do after they have logged in or proven who they are. In crypto and blockchain contexts, it answers questions like whether a specific address may send funds, change settings, or view protected data. While authentication checks identity, authorization checks permissions and limits actions to what has been approved in advance.
Context and Usage
In many systems, authorization is implemented through access control lists, roles, or permission flags that are checked whenever an action is requested. On blockchains, smart contracts and protocols may embed authorization logic directly in code, defining which keys or accounts have control over funds or configuration. This makes authorization a core part of how security and governance are enforced in decentralized environments, ensuring that only approved entities can perform sensitive operations.