Forced Browsing & Improper Authorization are pretty much the same thing. In both cases, you have a failure to properly authorize access to a resource, e.g. an admin area is left unprotected or you're able to directly enumerate values in a request to acces other users' data.
Some people combine then just under "Authorization Bugs" or Auth-Z to differentiate from Auth-N.
Generally, Forced Browsing (or direct object reference) is used when you're taling about enumerable valuse such as post IDs, and other parts of the site that are not ordinarily available to you from your privilege level.
If we use "permalinks" for resources such as Posts based on their ID, it's simple for an attacker to enumerate IDs and access every post in the system, not just their own.
For example, if you have the following URL http://insecure.com/post?id=100, you can start guessing ids by changing ?id=<your_guess> and go through others' posts.
One of the best techniques is to perform every action you can as the highest-privileged user, then switch to a lower-privileged user and replay those requests, changing session IDs/CSRF token as needed.
This is a great way to find admin-level functionality that has improper authorizaton checks.
Even if there's only one single entry point for an admin-console, possible most of its sub-features use different forms of authentication, which might make them vulnerable.