Need more information on #API-8341 from the 1802 Release notes.
- It just states: When an API user expands directReports, matrixReports, hrReports or any other XXXXReports, the returned child records respect RBP permissions.
Below are additional details on this feature-
Until now, even if the API user didn't have permission to access a certain user(who appears to also be a manager), it could still be retrieved using naviagtions in Odata API. But starting from 1802, this will not be possible.
- User.matrixManager will obey the Employee Data->Matrix Manager permission
- User.matrixReports will obey the Employee Data->Matrix Manager permission
- User.manager will obey the Employee Data->Manager permission
- Also if a user does not have access to Contingent workers, even they will be prohibited from the $expand results.
Note: Since there is no permission for "custom manager", those are not in scope.
API-8341, matrixManager, manager, RBP, permissions, API user , KBA , LOD-SF-INT-API , API & Adhoc API Framework , LOD-SF-INT , Integrations , How To