# Users aviowiki has an internal User management system that performs the functions of Authentication and Authorisation, as well as other administrative functions. [API Tokens](/authentication/api-tokens.md) are issued for and assigned to a specific User, and follow the same [Authorisation](/authentication/authorisation.md) rules as the User who owns them. Users are identified internally by their User [AID](/conventions/aviowiki-ids.md), with namespace `USR`. For example `USR-AA11-22BB`. When creating an account, users are required to provide a `login` and `password` . `login` should be in the form of an email address. `password` doesn't have any specific level of complexity required, however we **strongly** encourage people to be responsible with their passwords.\ If you need to have a memorable password (one you can remember without the help of a [Password Manager](https://en.wikipedia.org/wiki/Password_manager), consider using a [passphrase](https://en.wikipedia.org/wiki/Passphrase) which is [easy to remember, but difficult to guess](https://xkcd.com/936/).\ However the cases in which you really need to use a memorable password are nowadays quite limited. We always recommend to use a [Password Manager](https://en.wikipedia.org/wiki/Password_manager) where possible. ### User object When retrieving information about a user from the API, you will receive a user object which follows the structure shown below: ``` { "aid": "USR-AA11-22BB", "name": "Demo User", "login": "demo@example.com", "password": null, "roles": [ "USER" ], "reward": 0 } ``` `aid` indicates the [AID](/conventions/aviowiki-ids.md) of the user. `name` is a plaintext name that the user chose at the time of sign-up. `login` the login credential to authenticate the user. `password` is always returned `null` in all responses. `roles` is a list of [Authorisation roles](/authentication/authorisation.md) assigned to the user. `reward` is the total count of [reward points](/reward-points.md) collected by the user. For more user actions see: {% content-ref url="/pages/-MSKFx3qkk6\_W0IW3VzG" %} [Broken mention](broken://pages/-MSKFx3qkk6_W0IW3VzG) {% endcontent-ref %} --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.aviowiki.com/authentication/users.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.