Broken authorization extension API /users and /users/{user_id}

I found this while I was digging:

Let me know if this solves it.

Warm Regards,
Dan