Ah okay, now I understand the question. In this case, when you want to create a user, you would use the following csv header:
"name","authentication-method","radius-server","encryption.enable-ike"
demouser,radius,myradiusobject,true
In this case the "radius-server" value in the header is directly related to the authentication method value. So for example, you can not use this field if the authentication method is not equal to radius. The second point, in rehards to nested information you are correct, such a case can be mentioned by combining values with a dot (like "encryption.enable-ike"). But there is no general rule, as the different API calls differ in the expected values. I would advice you to strictly follow the documentation (https://sc1.checkpoint.com/documents/latest/APIs/#cli/add-user~v1.7%20). Also, just to be sure, verify that you use the correct documentation regarding your api version. (You can check your [supported] api version/s by using the command "mgmt_cli show api-versions".)
Also... if you want to create multiple users and not all of them use the radius authentication method I think you need to split the import to different csv files.
The reason for that is that the api may not be able to render information like this...
"name","authentication-method","radius-server","tacacs-server","encryption.enable-ike"
radiususer,radius,myradiusobject,NULL,true
tacacsuser,tacacs,NULL,mytacacsobject,true
I hope this explanation makes sense to follow... maybe there even is a way to do something like shown above, but in the past I created multiple files in such a case, one per auth method.