GET for Member_roles API requires high level of permission
Everyone can contribute. Help move this issue forward while earning points, leveling up and collecting rewards.
For both Group and Instance member_roles the GET seems to have far too high a priviledge requirement: https://docs.gitlab.com/ee/api/member_roles.html#manage-instance-member-roles
On Instance member_roles one requires Admin to GET the roles on the instance, meaning it becomes very hard to actually use custom roles and apply them
On Group member_roles (.com) one requires Owner of the group to GET the roles for that group, which is easier to manage but still seems too high.
We understand and agree that Create, Update and Delete operations should be at the High Level of Privilege, but do not see the need for Read/GET to be locked down so much.