Within Revenue HQ, user records relate to individuals who are authorized to perform specific actions on behalf of an application.
Users have login credentials to, and a direct relationship with, Revenue HQ. This is distinct from individuals who sign up for an application. An individual who enters into a billing relationship with an application is called an Account.
One particular user might be invited to work on multiple applications (e.g., bookkeepers, marketing agencies, contractors, etc). Because users exist in Revenue HQ outside of any one application, API calls to retrieve, modify, manage API tokens, etc. of a user are only possible to the authenticated user acting on his or her own behalf. You cannot modify another user's record.
That said, you can add, remove, and update the scopes of users authorized to manage your application.