The authentication process of a client using the authenticator on a RADIUS server can vary in complexity and is implementation dependent. In a simplified application, the client sends its registration data to the RADIUS server via the authenticator and receives back either an "Accept“ or a "Reject“.
In more complicated applications, the RADIUS server can request additional registration data using what is known as a "Challenge“. The handshake sequence looks something like this: