Get Current User Guild Member should return permissions

[randomairborne]

As of right now, using the guilds.members.read scope, the guild member object does not return a permissions field. I think this would be useful, as I personally would be quite wary as a user of the workaround using the guilds scope. Granting guilds to applications I don't completely trust can be used for substantial tracking and profiling, and I don't like the thought of even being able to do that. Requiring the application to already know the guild ID could allow for some more principle of least privilege compliant solutions for e.g. bot dashboards which check user permissions based on guild membership.

Endpoint: GET /users/@me/guilds/{guild.id}/member
Field: permissions

[mdtro]

+1

We're running into the same issue and want to avoid asking for access to all of a user's guilds -- even if it's just high-level information.

[zlach]

+1

I am also wondering about this question.

My application is a very UI-based app that would allow users to read/write information that affects their managed guilds. In order to do this, I need to frequently check whether the user has admin privileges on the specific guild.

It seems strange to have to use the /users/@me/guilds endpoint and loop through all the guilds to find permissions each time I want to do this. It makes me feel like I am doing something wrong, or using the API in a way that it shouldn't be used. However, other apps seem to do similar things, so I am hoping I can too.

I would appreciate some clarity on this and agree that it would be beneficial to have the guild member include permissions.