Reconnect applies to all authentication methods. When you click Reconnect for a device, its associated AP sends a de-authentication packet to this device. The device will then disconnect from the AP. Almost all devices connect right back to the WLAN after de-auth. Most administrators use this to manually trigger a roaming event to another AP.
Reauthorize applies only to already authorized guests. When you click Reauthorize for a guest device, the cloud and its associated AP will mark this guest device as NOT authorized. The guest device will again be redirected back to the guest portal.
Normally, Reauthorize is used together with Require a passphrase to connect in Portal options. For example, if the administrator changes to a new passphrase for portal, he clicks the Reauthorize button for all guest devices so that these devices are forced to be redirected to the portal again. Then, only guests who know the new passphrase can continue to use the guest WLAN.
Both commands can be used for an individual device or multiple selected devices.
And spefically for guest clients you can click on “Edit Guest Authorization” as show below.
Now you can also much more detail on the client and the information they entered in the portal (as it was setup for) and “Deauthorize” if needed. In the rare case of “Authorize” you would need to know the MAC address of the client and use the “Search Client” box to find it and you could Authorize the client manually. In the days of MAC randomization this would be rarely be done, but it is available.