RELATED IDEAS
Manage Users admins shouldn't be allowed to change the admin roles for themselves or other users
People in our organization are given the Manage Users admin role in order to manage the licenses associated to paid seats. However, the Manage Users admins are able to assign additional administrative privileges to themselves & other users. Among concerns, the most immediate issue is that users can be given the ability to add/change/remove customizations that affect other workspaces. Because the alternative is business process that is costly to maintain, it would be beneficial for Manage Users admins to not be able to assign/modify administrative privileges.
We do use paid seat groups. Part of the reason we have to use the "Manage users" permission is a result of paid seat group owners not being able to remove users from their groups- so the group owners end up assigning licensed roles to users without picking a paid seat group. Our primary admin group ends up with additional burden either way.
Thanks for reaching out. Have you considered using paid seat groups instead of granting the "Manage users" permission? Please reach out to support@aha.io and we will be happy to help see if that would meet your needs.
To clarify, this applies to a custom role that only has access to the "Billing > Users" permissions.
If the problem can be resolved a different way than I have suggested, then we'll take it!