CircleCI Cloud currently does not expose an API endpoint to retrieve a full list of active organization users. This capability exists on CircleCI Server (self-hosted) but is unavailable to Cloud customers.

Customer Use Case: Customer's security team conducts monthly user access audits required for SOX and financial compliance. They are attempting to integrate BelkinID (an IAM/identity management platform) with CircleCI via API to automate user list extraction and offboarding verification. Without a Cloud-side user list API, this process must be done manually via the CircleCI dashboard.

Problem: The CircleCI user list does not always match GitHub membership. Non-developer users (e.g., PMs, security engineers) can be added directly to a CircleCI org without a GitHub account, meaning GitHub-based queries are insufficient for a complete audit.

Requested Capability: A REST API endpoint (or enhanced existing API scope) for CircleCI Cloud orgs that returns the full list of active organization members, regardless of VCS origin.

Business Impact: Compliance teams at fintech companies are required to audit all system access monthly. Manual processes introduce audit risk and slow down offboarding workflows. This feature would unblock IAM integrations (BelkinID, Okta, etc.) for Cloud customers and reduce compliance overhead.