The SSA backend currently exposes only a limited, trusted subset of the executing user’s data, while the User Form provides a richer payload. Passing the User Form .user object to the backend is not safe, as it can be spoofed and allow user impersonation.

This idea is to expose additional trusted context about the executing user (such as team relationships) directly in the SSA backend payload, without relying on user-provided inputs.