Add auditor information to GET /users endpoint

Everyone can contribute. Help move this issue forward while earning points, leveling up and collecting rewards.

Close this issue

Problem to solve

As a Compliance Manager/Security Officer I need to audit which users have Auditor role.

Intended users

Cameron (Compliance Manager)

User experience goal

Using the REST API GET /users and GET /users/:id endpoints (or GraphQL) information of users can be retrieved. The returned information contains an indication if the user has the Auditor role.

Proposal

Add User.auditor? boolean value to the returned information of the GET /users and GET /users/:id endpoints, and GraphQL.

Further details

Permissions and Security

An Administrator access token is required with api or read_api scope.
Non-admins won't see this field, just like the is_admin field is hidden from them.

Documentation

https://docs.gitlab.com/ee/api/users.html

Availability & Testing

What does success look like, and how can we measure that?

What is the type of buyer?

Is this a cross-stage feature?

Links / references

Edited Jun 23, 2025 by 🤖 GitLab Bot 🤖