VZAgent 4.0.0 introduces an entirely new user authentication management system. In VZAgent 3.0.x, user authentication was performed against the operating system user database, a Windows domain database, or the SSH user database (when an SSH connection was used). The new system uses a concept of realms. In VZAgent terms, realm is a user database that may reside on a local machine or on some remote network location. The type of the database can vary from the operating system user registry to an LDAP-compliant directory. A VZAgent installation can be made aware of these databases by creating realm definitions and storing them in the VZAgent configuration files. A user can then be authenticated against any of the available realms.
What it means to you is that in existing applications, the code invoking the API calls where a user ID and password is required must be revised to use the new-style login parameters and values. If that's not done, the user authentication will no longer work.