All WordPress users are registered members of the website that have privileges to do certain tasks based on the assigned roles. The list of users can be found on the backend Users page.
By default only users with the Administrator role are allowed to see the list of users however this behavior can be modified by granting the list_users capability. Additionally AAM automatically filters out all users and roles that have higher user level. For example, if you grant access for Editors to manage users then any user with Editor role will be able to manage only Authors and Contributors. They will not be able to see any Administrators or promote themselves to higher role.
Internally users are stored into the wp_users database table. The wp_ prefix may vary depending on the value in the global $table_prefix variable that is defined in the wp-config.php file. Additionally each user record has metadata records stored in the wp_usermeta table. Some plugins, like AAM, uses this table to store additional settings related to a specific user.
If you have a need to manage list of users programmatically, it is strongly recommended to utilize existing core WordPress functions instead of manipulating user database records manually:
Each user inherits list of capabilities from the assigned role. Capabilities are combined if more than one role is assigned (for more information about this check What is a WordPress role article).
WordPress access control, for the most part is based on the RBAC model (role-based access control), however there is a way to manage capabilities for a specific user. This makes the WordPress access control as the hybrid between RBAC and ACL (access control list) models. The default WordPress installation does not have ability to manage capabilities on the user level and this limitation of the WordPress core is eliminated with AAM plugin.
User specific list of capabilities is stored in the wp_usermeta database table with the meta key name wp_capabilities. The wp_ prefix may vary based on the database table prefix stored in the global variable $table_prefix. The best way to manage this list is by using existing WordPress core functions:
For more information about how to manage your users with AAM, please check How to manage WordPress users article.