The following chapters will explain the differences between authentication of users, their definition as agents and the role they may perform in Stratus Agent
As a first simplified description:
Authentication -users from any directory source need to be authenticated within an (optionally synced) user directory in order to be recognized within Stratus Agent. Alternatively they may be directly defined in the system to gain access.
Authorization - users need to be authorized to access various functions within Stratus Agent (e.g. Reporting, Frontend, Configuration).
Also see → Role Based Access for detailed access rights. Permissions on all data entities of Stratus Agent separated by Organization Units to further distinguish the user's individual access per divison / team.
Also 
Any user with the corresponding role can also act as an