From e62a464dc60b143eb582e25795af5e3db333a450 Mon Sep 17 00:00:00 2001
From: To-om <toom@thehive-project.org>
Date: Mon, 3 Jun 2019 10:28:01 +0200
Subject: [PATCH] TheHive-Project/Cortex#194 Fix get-user-details access rules

---
 api/api-guide.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/api/api-guide.md b/api/api-guide.md
index fad0ee2..40a5982 100644
--- a/api/api-guide.md
+++ b/api/api-guide.md
@@ -373,7 +373,7 @@ curl -XPATCH -H 'Authorization: Bearer **API_KEY**' -H 'Content-Type: applicatio
 It returns a JSON object representing the updated user as described [above](#user-model).
 
 ### Get Details
-This call returns the user details. It's available to users with `superAdmin` or `orgAdmin` roles. Every user can also use it to read their own details.
+This call returns the user details. It's available to users with `superAdmin` roles and to users in the same organization. Every user can also use it to read their own details.
 
 ```bash
 curl -H 'Authorization: Bearer **API_KEY**' 'https://CORTEX_APP_URL:9001/api/user/USER_LOGIN'