1.       At present, it’s not possible (or, at least, not evidently possible) to assign permissions to a user without knowing their UUID, which can be looked up in the users API.  Would we be interested in advocating for having a piece of the backend doing this lookup for us?