Restrict user access

Dear Community,

We would like to integrate sonarqube with an external authorization auditing system.
That other system would (only) query the “api/users/search” API.
This API currently requires the highest, “Administer System” permission. Which woud give far too much privileges for this user.

Can we restrict somehow user access (or the Administer System) only to this single API endpoint “api/users/search”?

Thanks & Regards,


Welcome to the community!

This feature is currently working as designed so I’ve moved your post to the New Features category. Can you share your use case a little more fully? Why does this other system need to query users?