We would like to use the api to :
a) revoke a users session and
b) reset the users password
We would prefer to have a user with no “end-user-rights” to perform these api-calls (i.e. not able to log in to the application itself and see content - more like the principle of a service principle (!!)).
I’ve looked at the Delegated granular administration - Mattermost documentation, and the “User Manager” seems to be the right way to go?
But how do we limit this user as much as possible, to only be able to perform the two mentioned calls, and also - to be unable to reset the passwords for the other admin-users?