diff --git a/.gitignore b/.gitignore
index 16399a6..68e89b3 100644
--- a/.gitignore
+++ b/.gitignore
@@ -2,4 +2,7 @@ gitignore
 # Python virtual environments
 venv/
 
-app/
\ No newline at end of file
+# Python cache
+__pycache__/
+app/__pycache__/
+*.pyc
\ No newline at end of file
diff --git a/app/__pycache__/auth.cpython-311.pyc b/app/__pycache__/auth.cpython-311.pyc
index cf66f44..fd4ec4d 100644
Binary files a/app/__pycache__/auth.cpython-311.pyc and b/app/__pycache__/auth.cpython-311.pyc differ
diff --git a/app/__pycache__/database.cpython-311.pyc b/app/__pycache__/database.cpython-311.pyc
index f745474..8946a9b 100644
Binary files a/app/__pycache__/database.cpython-311.pyc and b/app/__pycache__/database.cpython-311.pyc differ
diff --git a/app/__pycache__/main.cpython-311.pyc b/app/__pycache__/main.cpython-311.pyc
index eea18b7..2b54f72 100644
Binary files a/app/__pycache__/main.cpython-311.pyc and b/app/__pycache__/main.cpython-311.pyc differ
diff --git a/app/__pycache__/models.cpython-311.pyc b/app/__pycache__/models.cpython-311.pyc
index 2328b8d..40b68e9 100644
Binary files a/app/__pycache__/models.cpython-311.pyc and b/app/__pycache__/models.cpython-311.pyc differ
diff --git a/app/__pycache__/schemas.cpython-311.pyc b/app/__pycache__/schemas.cpython-311.pyc
index ecd12b0..7c42b8b 100644
Binary files a/app/__pycache__/schemas.cpython-311.pyc and b/app/__pycache__/schemas.cpython-311.pyc differ
diff --git a/app/main.py b/app/main.py
index 828fe1d..eb3d156 100644
--- a/app/main.py
+++ b/app/main.py
@@ -235,7 +235,27 @@ async def get_designated_assets(
     )
     return result.scalars().all()
 
-
+@app.get("/users/search", response_model=List[schemas.UserOut])
+async def search_users(
+    query: str,
+    current_user: models.User = Depends(auth.get_current_user),
+    db: AsyncSession = Depends(database.get_db)
+):
+    """
+    Search for users by username or email.
+    """
+    if not query:
+        raise HTTPException(status_code=400, detail="Search query is required")
+        
+    # Search for username or email containing the query (case-insensitive)
+    result = await db.execute(
+        select(models.User).where(
+            (models.User.username.ilike(f"%{query}%")) | 
+            (models.User.email.ilike(f"%{query}%"))
+        ).limit(20)  # Limit results for performance
+    )
+    users = result.scalars().all()
+    return users
 
 
 @app.post("/admin/declare-guale")
diff --git a/test/core/__pycache__/sp_trust_sharding.cpython-310.pyc b/test/core/__pycache__/sp_trust_sharding.cpython-310.pyc
index 001e99a..c0e9063 100644
Binary files a/test/core/__pycache__/sp_trust_sharding.cpython-310.pyc and b/test/core/__pycache__/sp_trust_sharding.cpython-310.pyc differ
diff --git a/test/core/__pycache__/sp_vault_aes.cpython-310.pyc b/test/core/__pycache__/sp_vault_aes.cpython-310.pyc
index 11401e9..28a7fae 100644
Binary files a/test/core/__pycache__/sp_vault_aes.cpython-310.pyc and b/test/core/__pycache__/sp_vault_aes.cpython-310.pyc differ
diff --git a/test/test_user_search.py b/test/test_user_search.py
new file mode 100644
index 0000000..679d28f
--- /dev/null
+++ b/test/test_user_search.py
@@ -0,0 +1,50 @@
+import httpx
+import asyncio
+
+BASE_URL = "http://localhost:8000"
+
+async def test_search():
+    async with httpx.AsyncClient() as client:
+        # 1. Login to get token
+        login_data = {
+            "username": "testuser",
+            "password": "testpassword"
+        }
+        # First, try to register if user doesn't exist (assuming test env)
+        try:
+            await client.post(f"{BASE_URL}/register", json={
+                "username": "testuser",
+                "email": "test@example.com",
+                "password": "testpassword"
+            })
+        except:
+            pass
+
+        response = await client.post(f"{BASE_URL}/login", json=login_data)
+        if response.status_code != 200:
+            print(f"Login failed: {response.text}")
+            return
+        
+        token = response.json()["access_token"]
+        headers = {"Authorization": f"Bearer {token}"}
+
+        # 2. Test search by username
+        print("Testing search by username 'test'...")
+        response = await client.get(f"{BASE_URL}/users/search?query=test", headers=headers)
+        print(f"Status: {response.status_code}")
+        print(f"Body: {response.json()}")
+
+        # 3. Test search by email
+        print("\nTesting search by email 'example'...")
+        response = await client.get(f"{BASE_URL}/users/search?query=example", headers=headers)
+        print(f"Status: {response.status_code}")
+        print(f"Body: {response.json()}")
+
+        # 4. Test search with no results
+        print("\nTesting search with no results 'nonexistent'...")
+        response = await client.get(f"{BASE_URL}/users/search?query=nonexistent", headers=headers)
+        print(f"Status: {response.status_code}")
+        print(f"Body: {response.json()}")
+
+if __name__ == "__main__":
+    asyncio.run(test_search())