If you create a Web Service that employs User ID/Password security, access for executing any Web Service Operations or Resources associated to the Web Service Provider on which it resides can be managed from the Manage Users tab.
Any user with the appropriate permissions can execute any Web Service Operation or Resource that exists on that Web Service Provider by including their User ID and Password in the header of the SOAP or REST request that calls the operation or resource.
The Manage Users tab contains one pre-defined user named Admin. This user cannot be deleted.
The MVS Toolkit provides the ability to create, edit, and delete users on a defined Web Service Provider. Additionally, users can be placed in groups that help you define user access to Web Services.
See Creating and managing groups and Managing group access for more information.