What's the diff?
So I was helping someone with BCrypt authentication and authorization yesterday as I was working on accessing Marvel's new API and came upon this question. What's the difference between server-side and client-side authentication and authorization? So I went digging around on the intrawebs and talked to a few of my friends. The best way to visualize server-side and client-side authentication is in accessing a 3rd party application.
In terms of accessing a 3rd party applcation, if the application requires my users to input their username and password then it's server-side. They are giving authentication and authorization to my user to access their information.
If I require my users to log in to use a third party application, then it's client-side. I am the client requesting information from a 3rd party on behalf of my users, therefore the authentication and authorization to use the 3rd party information falls upon me.