diff --git a/src/Umbraco.Web.BackOffice/Controllers/UsersController.cs b/src/Umbraco.Web.BackOffice/Controllers/UsersController.cs
index 2f128f1f09..960afa365e 100644
--- a/src/Umbraco.Web.BackOffice/Controllers/UsersController.cs
+++ b/src/Umbraco.Web.BackOffice/Controllers/UsersController.cs
@@ -322,7 +322,7 @@ public class UsersController : BackOfficeNotificationsController
///
[OutgoingEditorModelEvent]
[Authorize(Policy = AuthorizationPolicies.AdminUserEditsRequireAdmin)]
- public ActionResult> GetByIds([FromJsonPath] int[] ids)
+ public ActionResult> GetByIds([FromQuery] int[] ids)
{
if (ids == null)
{
diff --git a/src/Umbraco.Web.BackOffice/DependencyInjection/UmbracoBuilder.BackOfficeAuth.cs b/src/Umbraco.Web.BackOffice/DependencyInjection/UmbracoBuilder.BackOfficeAuth.cs
index 0945d3459b..fd3bfe71bc 100644
--- a/src/Umbraco.Web.BackOffice/DependencyInjection/UmbracoBuilder.BackOfficeAuth.cs
+++ b/src/Umbraco.Web.BackOffice/DependencyInjection/UmbracoBuilder.BackOfficeAuth.cs
@@ -202,6 +202,7 @@ public static partial class UmbracoBuilderExtensions
{
policy.AuthenticationSchemes.Add(backOfficeAuthenticationScheme);
policy.Requirements.Add(new AdminUsersRequirement());
+ policy.Requirements.Add(new AdminUsersRequirement("ids"));
policy.Requirements.Add(new AdminUsersRequirement("userIds"));
});
diff --git a/src/Umbraco.Web.UI.Client/src/common/resources/users.resource.js b/src/Umbraco.Web.UI.Client/src/common/resources/users.resource.js
index 0b69bec3f5..c514be49a0 100644
--- a/src/Umbraco.Web.UI.Client/src/common/resources/users.resource.js
+++ b/src/Umbraco.Web.UI.Client/src/common/resources/users.resource.js
@@ -318,12 +318,14 @@
*/
function getUsers(userIds) {
+ var idQuery = "";
+ userIds.forEach(id => idQuery += `ids=${id}&`);
return umbRequestHelper.resourcePromise(
$http.get(
umbRequestHelper.getApiUrl(
"userApiBaseUrl",
"GetByIds",
- { ids: userIds })),
+ idQuery)),
"Failed to retrieve data for users " + userIds);
}