...
A single initial administrative user is set up for you by SaltyCloud. You then add data about additional users and organizational units. In a typical environment, users are authenticated to Isora GRC via LDAP or Active Directory. Credentials and LDAP schema must be provided to SaltyCloud and will be integrated as part of provisioning your individual instance of Isora GRC. Currently there is no way to manually add information later about your authentication server; however, you can always integrate LDAP later by working with SaltyCloud’s support team. (Refer back to Isora GRC Customization for more info on customization.)
If you’re not using LDAP or AD, then local authentication can be used. In that case, users along with their passwords are stored locally in Isora GRC.
...