We would like to integrate SonarQube with an external authorization auditing system.
That other system would (only) query the “api/users/search” API.
This API currently requires the highest, “Administer System” permission, which would give far too many privileges to this user.
Can we somehow restrict user access (or the Administer System) only to this single API endpoint “api/users/search”?
They want to implement a central security auditing application to collect active users (with last login date) and active group memberships from various applications used within our company. Sonar is one of them.
We would not want to give “Administer System” permissions for this user to prevent accidental or malicious changes.