Authorization is the second step after authentication to achieve security. Authorization relates to all the permissions the authenticated user has to access in PageMajik. Authorization is two-fold, security authorization (role-based) and privacy authorization (resource-based), i.e., is this person allowed to access/perform action on that resource? For example, a copyeditor may have permission to copyedit a manuscript, but will be able to copyedit only those books he/she has access to. This is achieved by setting roles and permissions for an authenticated end user.