Update template used as an example

docs/specifications/access_control_and_ownership.md

@@ -1,4 +1,4 @@
-[Back to Specifications](README.md)
+[Back to Specifications](readme.md)
 
 # VestaCP Access Control and Ownership
 VestaCP is built on the concept of federated access control and ownership for users. The hierarchy of ownership is as follows:
@@ -15,3 +15,31 @@ VestaCP uses a federated authentication model. Users can authenticate using thei
 
 *Note: Additional authentication such as SSO, SAML, and OAuth will be part of the roadmap for VestaCP.*
 
+## Data Model
+The authentication data model relies on a primary email address as the unique identifier for users. The data model includes the following fields:
+- Email (primary key)
+- First Name
+- Last Name
+- Password (hashed)
+- Two-factor authentication (enabled/disabled)
+- Two-factor authentication secret
+- Role (admin, organization owner, team owner, user)
+- Organisations (array of organization IDs)
+- Teams (array of team IDs)
+- Created on
+- Updated on
+
+## Functionality
+The following functionality is available in VestaCP:
+- Create and manage users
+- Create and manage organizations
+- Create and manage teams
+- Assign users to organizations and teams
+- Assign roles to users
+- Enable two-factor authentication for users
+- Disable two-factor authentication for users
+- Send password reset emails
+- Reset passwords
+
+## API
+Please see the API documentation for more information on how to interact with the VestaCP authentication API at [API Documentation](../api/readme.md).