This is the schema for the BrainML XML login and response format. All repositories require login for data submission. Some in addition require it for data access. The login sends a username and password in plain-text; the response sends an opaque authorization key that may be used for the duration of a session. Additional security can be provided by running the login protocol over a transport layer, such as SSL, that provides for encryption. Login request, to be sent by client. User ID (account name) of the submitter. Password of the submitter. Plain-text. (Additional security should be provided by the transport layer, e.g. SSL.) If set to true, server will return user contact information if authentication info is valid. The default is false. Server response to login. The authKey attribute will be set to "ERROR" if login was unsuccessful. Optionally, if the server desires to provide the information, either "ERROR-USER", "ERROR-PASSWORD", or "ERROR-EXPIRED" may be sent. (Providing such clarifying information is sometimes considered a security flaw.) The login response may also contain arbitrary, application-specific element content. Authorization code. This is an opaque value that should be passed back to the server, together with userID, for subsequent operations.