- Verifies the identity of the remote user.
- It is a prerequisite for authorization, which consists of making and enforcing an authorization decision based on authentication information.
- Most often synonymous with challenge authentication, which means that the server first specifies the type of credentials it expects from the client in order to successfully authenticate subsequent requests. The client can then respond by providing the proper credentials to the server.
Its function is to grant or deny the request access to the next resource it protects, depending on the user's authentication status and on the action they wish to perform.
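
The challenge flow and the access decision described above, as an added example that is not part of the original notes. It assumes HTTP Basic as the credential type (the notes name no scheme); the user store, realm, and function names are constructed for illustration.

```python
import base64, hashlib, hmac

REALM = "notes-demo"                      # constructed realm name
SALT = b"constructed-salt"                # fixed only so the demo is reproducible

def _kdf(password: str) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), SALT, 100_000)

# Constructed user store: name -> (password hash, actions the user may perform)
USERS = {
    "alice": (_kdf("correct horse"), {"read", "write"}),
    "bob":   (_kdf("battery staple"), {"read"}),
}
DUMMY = _kdf("dummy")  # compared against when the user is unknown

def authenticate(headers: dict):
    """Return the verified user name, or None if credentials are absent/invalid."""
    scheme, _, blob = headers.get("Authorization", "").partition(" ")
    if scheme.lower() != "basic":
        return None
    try:
        name, sep, password = base64.b64decode(blob, validate=True).decode().partition(":")
    except ValueError:                    # malformed base64 or non-UTF-8 bytes
        return None
    stored = USERS.get(name, (DUMMY, set()))[0]
    ok = hmac.compare_digest(stored, _kdf(password))   # constant-time comparison
    return name if ok and sep and name in USERS else None

def handle(action: str, headers: dict):
    """Guard in front of a protected resource: returns (status, response headers)."""
    user = authenticate(headers)
    if user is None:
        # Challenge: tell the client which type of credentials is expected.
        return 401, {"WWW-Authenticate": f'Basic realm="{REALM}"'}
    if action not in USERS[user][1]:
        return 403, {}                    # authenticated, but not authorized
    return 200, {}

def basic(name: str, password: str) -> dict:
    """Client side: answer the challenge with the requested credential type."""
    token = base64.b64encode(f"{name}:{password}".encode()).decode()
    return {"Authorization": f"Basic {token}"}
```

A request without credentials gets the 401 challenge, a request with valid credentials for a disallowed action gets 403, and only an authenticated and permitted request gets 200.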