In Basic term Authentication is a process of verifying the identity of a user while authorization is process of checking whether user has a access right to the system. So authorization takes place after authentication.
U can use authentication and authorization with below example in C#
any client call the service or you want to control who can call the service.
any client call any method of the service or you want to control what clients can call what methods
any client execute all of the code in a method or you want to control what clients can execute what code
The answers to these questions determine your use of authentication and authorization. Authentication enables you to identify clients that call the service. Authorization enables you to determine what operations authenticated clients can access. You will typically base authorization on roles.
To authorize, you first need to authenticate. To do that, you must be able to identify clients. Clients can identify themselves by providing evidence such as a Windows account, a user name / password or a certificate. Clients must also know that they are calling the service they intend to call. Services can identify themselves by providing a certificate.