In some cases, the User-ID agent can’t map an IP address to a username using server monitoring or other methods—for example, if the user isn’t logged in or uses an operating system such as Linux that your domain servers don’t support. In other cases, you might want users to authenticate when accessing sensitive applications regardless of which methods the User-ID agent uses to perform user mapping. For all these cases, you can configure Configure Authentication Policy and Map IP Addresses to Usernames Using Captive Portal. Any web traffic (HTTP or HTTPS) that matches an Authentication policy rule prompts the user to authenticate through Captive Portal. You can use the following Captive Portal Authentication Methods: