There are no privileges controlling access for each specific REST endpoint other than nx-all. But if I just want to allow access to certain REST endpoints to a user, giving them nx-all ( admin) level access is too permissive.
As one customer describes for the Search REST API:
...we are looking to have this feature to be well controlled.
For example, users may use the API search/download feature without the admin's knowledge causing a performance issue. On a repositories such as Maven Groups, this could be a serious concern.