Authenticaiton in WebSphere is a fairly broad topic. However, when just getting started, Authentication can be broken into two categories.
Before delving into the authentication protocol and user accounts repository being used, you first want to ensure that administrative security is enabled so that the authentication protocol and user account is required when signing into the WebSphere admin console.
Both the authentication protocol and user accounts repository being used can be viewed at in the WebSphere web console at Security > Global security. Lightweight Third Party Authentication (LTPA) is the default authentication protocol that is used.
Local operating system is the default user account repository that is used. This can be updated so that LDAP, federated repository, or database are used as the user account repository.