Grant permission to change users

I want to have some administrator users with permissions to change other users. I’m using the GraphQL API, and while I can create new users I can’t edit existing one (I get “Insufficient auth”), but it’d be okay to use the REST API if necessary. What I need is essentially to have custom code to grant or block the update, probably changing parse-server/rest.js at 4c29d4d23b67e4abaf25803fe71cae47ce1b5957 · parse-community/parse-server · GitHub?

Is there a way to do this grant? Or would I need to write my own endpoint and handle it all myself, with useMasterKey to override the default settings? Thank you

For security reasons, by default, users cannot modify other users. I’d use cloud code functions (with useMasterKey) for that. You can even extend the GraphQL schema and bind a new mutation to a cloud code function that you’ve created for that.