authentication is stating that you are who are you are and authorization is asking if you have access to a certain resource . when working with rest apis you must remember to consider security from the start. restful api often use get (read), post (create), put (replace/update) and delete (to delete a record).