# Users aviowiki has an internal User management system that performs the functions of Authentication and Authorisation, as well as other administrative functions. [API Tokens](https://docs.aviowiki.com/authentication/api-tokens) are issued for and assigned to a specific User, and follow the same [Authorisation](https://docs.aviowiki.com/authentication/authorisation) rules as the User who owns them. Users are identified internally by their User [AID](https://docs.aviowiki.com/conventions/aviowiki-ids), with namespace `USR`. For example `USR-AA11-22BB`. When creating an account, users are required to provide a `login` and `password` . `login` should be in the form of an email address. `password` doesn't have any specific level of complexity required, however we **strongly** encourage people to be responsible with their passwords.\ If you need to have a memorable password (one you can remember without the help of a [Password Manager](https://en.wikipedia.org/wiki/Password_manager), consider using a [passphrase](https://en.wikipedia.org/wiki/Passphrase) which is [easy to remember, but difficult to guess](https://xkcd.com/936/).\ However the cases in which you really need to use a memorable password are nowadays quite limited. We always recommend to use a [Password Manager](https://en.wikipedia.org/wiki/Password_manager) where possible. ### User object When retrieving information about a user from the API, you will receive a user object which follows the structure shown below: ``` { "aid": "USR-AA11-22BB", "name": "Demo User", "login": "demo@example.com", "password": null, "roles": [ "USER" ], "reward": 0 } ``` `aid` indicates the [AID](https://docs.aviowiki.com/conventions/aviowiki-ids) of the user. `name` is a plaintext name that the user chose at the time of sign-up. `login` the login credential to authenticate the user. `password` is always returned `null` in all responses. `roles` is a list of [Authorisation roles](https://docs.aviowiki.com/authentication/authorisation) assigned to the user. `reward` is the total count of [reward points](https://docs.aviowiki.com/reward-points) collected by the user. For more user actions see: {% content-ref url="broken-reference" %} [Broken link](https://docs.aviowiki.com/authentication/broken-reference) {% endcontent-ref %}