<!--IssueSummary start--> <details> <summary> Everyone can contribute. [Help move this issue forward](https://handbook.gitlab.com/handbook/marketing/developer-relations/contributor-success/community-contributors-workflows/#contributor-links) while earning points, leveling up and collecting rewards. </summary> - [Close this issue](https://contributors.gitlab.com/manage-issue?action=close&projectId=278964&issueIid=518042) </details> <!--IssueSummary end--> <!-- This issue template can be used as a great starting point for feature requests. Learn more about the process: https://handbook.gitlab.com/handbook/product/how-to-engage/#customer-feature-requests. The section "Release notes" can be used as a summary of the feature and is also required if you want to have your release post blog MR auto generated using the release post item generator: https://about.gitlab.com/handbook/marketing/blog/release-posts/#release-post-item-generator. The remaining sections are the backbone for every feature in GitLab. The goal of this template is brevity for quick/smaller iterations. For a more thorough list of considerations for larger features or feature sets, you can leverage the detailed [feature proposal](https://gitlab.com/gitlab-org/gitlab/-/blob/master/.gitlab/issue_templates/Feature%20proposal%20-%20detailed.md). --> ### Problem to solve [Currently Trusting and Untrusting a user is managed by Administrators through GitLab's Admin area.](https://docs.gitlab.com/ee/administration/moderate_users.html#trust-and-untrust-users) This is useful but for customers managing users via automation this presents a roadblock that can only be addressed manually at the moment. ### Proposal Add a new API endpoint to Trust or Untrust a user: ``` POST /users/:id/trust POST /users/:id/untrust ``` The endpoint will: - Require appropriate authentication and authorization - Be rate-limited to prevent abuse - Be accessible only to users with Administrator access or higher ### Intended users Administrators ### Feature Usage Metrics We will track: - Number of API calls to the key retrieval endpoint - Error rates and types for the endpoint ### Does this feature require an audit event? Currently Trusting a user does not create an audit event. <!-- Label reminders Make sure to add the appropriate labels for the product stage and/or group (e.g ~"devops::plan") if known and add a comment tagging the appropriate Product Manager. Use the following resources to find the appropriate labels: - Use only one tier label choosing the lowest tier this is intended for - https://gitlab.com/gitlab-org/gitlab/-/labels - https://about.gitlab.com/handbook/product/categories/features/ Examples: /label ~group:: ~section:: ~Category: /label ~"GitLab Free" ~"GitLab Premium" ~"GitLab Ultimate" -->