Authorization is the function of specifying access rights to resources.
Whydah supports role-based access control. This means that a user is given a role in for a certain application.
Whydah also supports the concept of On-behalf-of relations.
See also UIB Data storage - persistence for details on how authorization data is stored.