The SRĀ OS supports local, RADIUS, and TACACS+ authorization to control the actions of specific users. Any combination of these authorization methods can be configured to control actions of specific users:
Local authorization and RADIUS authorization operate by applying a command authorization profile that is associated in configuration with the user. The profiles are configured locally on the router or downloaded using VSAs from a RADIUS server. See Vendor-specific attributes.
Authorization applies to CLI access as well as NETCONF or gRPC access. See Authorization profiles for different interfaces for more details.