Enhanced Identity Governance API Endpoints for RBAC
We are looking to enhance our Identity Governance and Administration (IGA) workflows to automate the user lifecycle (provisioning, deprovisioning, and access reviews). To achieve this, we need granular API visibility into the relationship between users, teams, and their specific resource entitlements (Destinations and Connections).
- The Issue: We can successfully query Fivetran for user data and account roles, but the Teams API endpoint (https://api.fivetran.com/v1/teams) returns an empty array.
- Context: This is being done via an API key which was issued through our service account, SVC-Fivetran-IG-Connector, which currently has the "account reviewer" role. We suspect this is a permission issue, but we also want to avoid escalating privileges beyond what is necessary.

Also, there is no single, efficient way to programmatically map a user to their effective permissions across all Destinations and Connections. Currently, the API only surfaces memberships explicitly assigned to the calling user, rather than providing a global view of user-resource mapping for governance.
Requested Capability:
- Audit-Level Access: Update the "account reviewer" role (or create a new "security auditor" role) to allow GET access to the /v1/teams endpoint and all team memberships without requiring Account Admin privileges.
- Resource Mapping Endpoint: Provide an API endpoint that allows a caller to list all permissions a specific user has across the account, including inherited permissions from teams and specific memberships on Destinations and Connections.
Use Case: This is required for our RBAC Maturity Project to ensure end-to-end management of "who has access to what" within Fivetran, enabling automated compliance reporting and secure user lifecycle management without violating the principle of least privilege.
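As an added example, not Fivetran's code and not part of the original post, the following Python script shows what the requested "resource mapping" currently costs when built from the existing per-user and per-team endpoints: it walks every user and every team and assembles a user-to-entitlement map that marks whether each grant is direct or inherited through a team. The endpoint paths (/users, /users/{id}/groups, /users/{id}/connections, /teams, /teams/{id}/users, /teams/{id}/groups, /teams/{id}/connections), the Basic-auth scheme and the response shape (data.items with data.next_cursor pagination) are assumptions modelled on Fivetran's documented API and must be checked against the current reference; the sample responses are constructed for an offline run.

```python
import base64
import json
import urllib.request
from collections import defaultdict

# Assumed endpoint paths, modelled on Fivetran's User and Team Management APIs;
# verify against the current API reference before relying on them.
API_BASE = "https://api.fivetran.com/v1"
USER_SCOPES = {"destination": "/users/{id}/groups", "connection": "/users/{id}/connections"}
TEAM_SCOPES = {"destination": "/teams/{id}/groups", "connection": "/teams/{id}/connections"}


def make_fetcher(api_key, api_secret):
    """Live GET helper using Basic auth (base64 of key:secret), assumed scheme."""
    token = base64.b64encode(f"{api_key}:{api_secret}".encode()).decode()

    def fetch(path, cursor=None):
        url = f"{API_BASE}{path}" + (f"?cursor={cursor}" if cursor else "")
        req = urllib.request.Request(url, headers={"Authorization": f"Basic {token}"})
        with urllib.request.urlopen(req, timeout=30) as resp:
            return json.load(resp)
    return fetch


def list_all(fetch, path):
    """Follow cursor pagination (data.items / data.next_cursor) to the last page."""
    items, cursor = [], None
    while True:
        data = fetch(path, cursor).get("data", {})
        items.extend(data.get("items", []))
        cursor = data.get("next_cursor")
        if not cursor:
            return items


def build_entitlement_map(fetch):
    """Return ({user_id: [entitlement, ...]}, stats).

    Each entitlement records scope, resource id, role and whether it is held
    directly or inherited via a team. Team-derived rows are only as complete
    as the caller's view of /teams, so a reviewer must check stats['teams']:
    zero teams may simply mean the API key lacks permission to list them.
    """
    calls = 0

    def counted(path, cursor=None):
        nonlocal calls
        calls += 1
        return fetch(path, cursor)

    ent = defaultdict(list)
    users = list_all(counted, "/users")
    for u in users:
        ent[u["id"]].append({"scope": "account", "resource": "*", "role": u.get("role"), "via": "direct"})
        for scope, tmpl in USER_SCOPES.items():
            for r in list_all(counted, tmpl.format(id=u["id"])):
                ent[u["id"]].append({"scope": scope, "resource": r["id"], "role": r["role"], "via": "direct"})
    teams = list_all(counted, "/teams")
    for t in teams:
        grants = [(s, r) for s, tmpl in TEAM_SCOPES.items() for r in list_all(counted, tmpl.format(id=t["id"]))]
        for m in list_all(counted, f"/teams/{t['id']}/users"):
            via = f"team:{t['id']}"
            ent[m["user_id"]].append({"scope": "account", "resource": "*", "role": t.get("role"), "via": via})
            for scope, r in grants:
                ent[m["user_id"]].append({"scope": scope, "resource": r["id"], "role": r["role"], "via": via})
    return dict(ent), {"users": len(users), "teams": len(teams), "api_calls": calls}


# Constructed sample responses standing in for the live API (offline demo only).
SAMPLE = {
    ("/users", None): {"data": {"items": [{"id": "u1", "role": "Account Administrator"}], "next_cursor": "page2"}},
    ("/users", "page2"): {"data": {"items": [{"id": "u2", "role": "Account Reviewer"}]}},
    ("/users/u1/groups", None): {"data": {"items": [{"id": "dest_a", "role": "Destination Administrator"}]}},
    ("/users/u1/connections", None): {"data": {"items": []}},
    ("/users/u2/groups", None): {"data": {"items": []}},
    ("/users/u2/connections", None): {"data": {"items": [{"id": "conn_x", "role": "Connection Reviewer"}]}},
    ("/teams", None): {"data": {"items": [{"id": "t1", "name": "data-eng", "role": "Account Reviewer"}]}},
    ("/teams/t1/users", None): {"data": {"items": [{"user_id": "u2", "role": "Team Member"}]}},
    ("/teams/t1/groups", None): {"data": {"items": [{"id": "dest_b", "role": "Destination Reviewer"}]}},
    ("/teams/t1/connections", None): {"data": {"items": []}},
}


def sample_fetch(path, cursor=None):
    """Offline stand-in for make_fetcher(); raises KeyError on an unexpected request."""
    return SAMPLE[(path, cursor)]


if __name__ == "__main__":
    entitlements, stats = build_entitlement_map(sample_fetch)
    print(json.dumps({"stats": stats, "entitlements": entitlements}, indent=2))
```

Even for two users and one team the walk costs ten requests, and the count grows with every user and team times the number of scopes, which is the efficiency gap the "Resource Mapping Endpoint" request describes. For an access review, treat stats["teams"] == 0 from a reviewer-scoped key as an incomplete view rather than as evidence that no team grants exist.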
Official comment
Hi "SVC-Fivetran-IG-Connector" (?)
This feedback has been added to our feature improvements backlog; you're the first to request it.
We will keep the community updated on this thread as we make any progress on this topic.
Thanks,
Pieter
Update: we are looking into feasibility on the 1st half of this request:
- Audit-Level Access: Update the "account reviewer" role (or create a new "security auditor" role) to allow GET access to the /v1/teams endpoint and all team memberships without requiring Account Admin privileges.
I will keep you posted; this looks doable. Please contact me via your account team to discuss. Thanks!