authentication = [
  {
    backend = "built_in_database"
    mechanism = "password_based"
    password_hash_algorithm {
      name = "sha256",
      salt_position = "suffix"
    }
    user_id_type = "username"
  }
]
authorization {
  deny_action = ignore
  no_match = allow
  sources = [
    {
      type = built_in_database
      enable = true
    }
  ]
}