All data to be used for authenticating a user is store in a special zettel called user zettel.  A user zettel must have set the following two metadata fields:
user-id (user identification)
The unique identification to be specified for authentication.
credential
A hashed password as generated by the zettelstore password command.
The title of the zettel typically specifies the real name of the user.
The following metadata elements are optional:
user-role
Associate the user with some basic privileges, e.g. a user role
A user zettel may additionally contain metadata that overwrites corresponding values of the runtime configuration.
A user zettel can only be created by the owner of the Zettelstore.
The owner should execute the following steps to create a new user zettel:
Create a new zettel.
Save the zettel to get a identifier for this zettel.
Choose a unique identification for the user.
If the identifier is not unique, authentication will not work for this user.
Execute the zettelstore password command.
You have to specify the user identification and the zettel identifier
If you should not know the password of the new user, send her/him the user identification and the user zettel identifier, so that the person can create the hashed password herself.
Edit the user zettel and add the hashed password under the meta key credential and the user identification under the key user-id.