Feature: Add a method which would allow us to find users that are assigned a specific permission, either via role or direct assignment.
Description: When dealing with user management the question arises of “Who can has access to this feature?”. If a combination of Roles and direct Permission assignment is used there is not a way to get a clear picture of that without iterating through every user and requesting their list of permissions one by one. This feature request is to add a method in which given a permission we can get a list of which users are assigned that either through direct assignment or via a role which contains it.
Use-case: We have run into 2 use cases for this.
Business reporting. Admins and account managers would like to know who has access to a given resource for the purposes of auditing and tracking usage. Companies have tools in our application which allow a delegated admin some control over permissions we’d like to know later if they are assigning that permission to users.
Splitting a permission. A recent requirement came up for us to split an existing permission into two permissions. Any users who already had this permission should automatically be granted both. This led us to iterate the entire user base and request if they had the permission one by one. This could have been more efficiently handled if there was a way to get the users with the permission assigned.
If we talk about dashboard users, currently there is no way to handle that, however we will be working to add Public Teams APIs for Enterprise customers towards the end of our fiscal year.
In terms of end users. If the permissions are assigned to roles, you can get the list of users assigned to a role using this Management API command: