(zettel (meta (back "00001004050000 00001005090000 00001006020000 00001010000000 00001010040100 00001010040400 00001010070600 00001012050200 00001012921200 00001017000000 00001018000000") (backward "00001004020000 00001004020200 00001004050000 00001004051400 00001005090000 00001006020000 00001010000000 00001010040100 00001010040400 00001010070300 00001010070600 00001012050200 00001012921200 00001017000000 00001018000000") (box-number "1") (created "20210126175322") (forward "00001004020000 00001004020200 00001004051400 00001006050000 00001010070300") (modified "20221205160251") (published "20221205160251") (role "manual") (syntax "zmk") (tags "#authentication #configuration #manual #security #zettelstore") (title "Creating an user zettel")) (rights 4) (encoding "") (content "All data to be used for authenticating a user is store in a special zettel called \"\"user zettel\"\". \nA user zettel must have set the following two metadata fields:\n\n; ''user-id'' (\"\"user identification\"\")\n: The unique identification to be specified for authentication.\n; ''credential''\n: A hashed password as generated by the [[``zettelstore password``{=sh}|00001004051400]] command.\n\nThe title of the zettel typically specifies the real name of the user.\n\nThe following metadata elements are optional:\n\n; ''user-role''\n: Associate the user with some basic privileges, e.g. a [[user role|00001010070300]]\n\nA user zettel may additionally contain metadata that [[overwrites corresponding values|00001004020200]] of the [[runtime configuration|00001004020000]].\n\nA user zettel can only be created by the owner of the Zettelstore.\n\nThe owner should execute the following steps to create a new user zettel:\n\n# Create a new zettel.\n# Save the zettel to get a [[identifier|00001006050000]] for this zettel.\n# Choose a unique identification for the user.\n#* If the identifier is not unique, authentication will not work for this user.\n# Execute the [[``zettelstore password``|00001004051400]] command.\n#* You have to specify the user identification and the zettel identifier\n#* If you should not know the password of the new user, send her/him the user identification and the user zettel identifier, so that the person can create the hashed password herself.\n# Edit the user zettel and add the hashed password under the meta key ''credential'' and the user identification under the key ''user-id''."))