Least priviledge is a security best practice. RBAC is a huge help in adhering to least priviledge, but RBAC is only as good as the application that hosts it. Traditional Layer 3 dataflow priviledge practices, like Firewalling, VLANing, etc. benefit immensely from an application being able to expose a separate web interface for priviledged, administrative tasks, published on a separate port from a non-prviledged, end-user-only interface.
The ask is for Artifactory to offer the capability to, at configuration time, publish an additional stripped-down WebUI on a separate port from the existing service, solely to handle end-user tasking such as: browsing repositories, pushing builds, downloading artifacts, utilizing "Set Me Up" features. While removing the ability to preform any administrative tasks completely from the stripped-down UI. A bonus ask would be for the ability to, via the admin interface in the existing WebUI, control which features are exposed on the stripped-down UI.
Features that are not exposed on the requested stripped-down UI should also not be valid REST endpoints for the backing web REST interface.