Authentication is the process of proving that you are who you say you are. 

Authorization is the act of granting an authenticated party permission to do something and answers the question of what you are allowed to do. It specifies what data you’re allowed to access and what you can do with that data.

By registering your application and using a service account, Tiki Marketplace can authenticate your client app. But every time your client app requests data and resources from the Tiki Marketplace, we don’t know what data you’re allowed to access and what you can do with that data. Therefore, we need authorization and Tiki Marketplace identity platform uses the OAuth 2.0 protocol for handling authorization.