diff --git a/src/api/routes/user.ts b/src/api/routes/user.ts
index 98cd7fcc..5b1541f9 100644
--- a/src/api/routes/user.ts
+++ b/src/api/routes/user.ts
@@ -17,6 +17,7 @@ import { FastifyZodOpenApiTypeProvider } from "fastify-zod-openapi";
 import { QueryCommand } from "@aws-sdk/client-dynamodb";
 import { genericConfig } from "common/config.js";
 import { unmarshall } from "@aws-sdk/util-dynamodb";
+import { AppRoles } from "common/roles.js";
 
 const userRoute: FastifyPluginAsync = async (fastify, _options) => {
 await fastify.register(rateLimiter, {
@@ -29,7 +30,11 @@ const userRoute: FastifyPluginAsync = async (fastify, _options) => {
 "/findUserByUin",
 {
 schema: withRoles(
- [],
+ [
+ AppRoles.VIEW_USER_INFO,
+ AppRoles.TICKETS_MANAGER,
+ AppRoles.TICKETS_SCANNER,
+ ],
 withTags(["Generic"], {
 summary: "Find a user by UIN.",
 body: searchUserByUinRequest,
diff --git a/src/common/roles.ts b/src/common/roles.ts
index 8416cc69..b6417017 100644
--- a/src/common/roles.ts
+++ b/src/common/roles.ts
@@ -3,7 +3,9 @@ import { AllOrganizationNameList } from "@acm-uiuc/js-shared";
 /* eslint-disable import/prefer-default-export */
 export const runEnvironments = ["dev", "prod"] as const;
 export type RunEnvironment = (typeof runEnvironments)[number];
-export enum AppRoles {
+export const META_ROLE_PREFIX = "__metaRole:"
+
+export enum BaseRoles {
 EVENTS_MANAGER = "manage:events",
 TICKETS_SCANNER = "scan:tickets",
 TICKETS_MANAGER = "manage:tickets",
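Review bot: In src/api/routes/user.ts (hunk `@@ -29,7 +30,11 @@`), the new role list sits inside `schema: withRoles([...])`, and nothing visible in the hunk shows the route enforcing it; the route options continue outside the hunk. Please confirm this route carries the authorization hook that reads the schema roles, because a schema-only change would presumably leave the UIN lookup as open as it was with `[]`. A short comment next to the list, for example `// any one of these roles may look up a user by UIN`, would state the intent, assuming `withRoles` treats the list as any-of. A route test asserting that a caller holding none of the three roles is rejected would pin the behaviour.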
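Review bot: In src/common/roles.ts (hunk `@@ -3,7 +3,9 @@`), `META_ROLE_PREFIX` is exported without a doc comment, while the same commit deletes the only warning that the org-manager pseudo role must not be assigned by hand (the removed inline comment is in the `@@ -21,9 +23,15 @@` hunk, where `MetaRoles` is also undocumented). I would add `/** Prefix marking roles that exist only for permission checks; a role with this prefix must never be assigned manually. */` above the constant and a matching one-line doc comment on `MetaRoles`. The declaration also lacks the semicolon that the neighbouring exports use: `export const META_ROLE_PREFIX = "__metaRole:";`. The body of `BaseRoles` continues outside this hunk.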
@@ -21,9 +23,15 @@ export enum AppRoles {
 VIEW_EXTERNAL_MEMBERSHIP_LIST = "view:externalMembershipList",
 MANAGE_EXTERNAL_MEMBERSHIP_LIST = "manage:externalMembershipList",
 ALL_ORG_MANAGER = "manage:orgDefinitions",
- AT_LEAST_ONE_ORG_MANAGER = "manage:someOrg" // THIS IS A FAKE ROLE - DO NOT ASSIGN IT MANUALLY - only used for permissioning
+ VIEW_USER_INFO = "view:userInfo",
+}
+
+export enum MetaRoles {
+ AT_LEAST_ONE_ORG_MANAGER = `${META_ROLE_PREFIX}manage:someOrg`,
 }
-export const PSUEDO_ROLES = [AppRoles.AT_LEAST_ONE_ORG_MANAGER]
+
+export const AppRoles = { ...BaseRoles, ...MetaRoles } as const;
+export type AppRoles = BaseRoles | MetaRoles;
 export const orgRoles = ["LEAD", "MEMBER"] as const;
 export type OrgRole = typeof orgRoles[number];
 export type OrgRoleDefinition = {
@@ -31,9 +39,9 @@ export type OrgRoleDefinition = {
 role: OrgRole
 }
 
-export const allAppRoles = Object.values(AppRoles).filter(
+export const allAppRoles = Object.values(BaseRoles).filter(
 (value) => typeof value === "string",
-).filter(value => !PSUEDO_ROLES.includes(value)); // don't assign psuedo roles by default
+);
 
 export const AppRoleHumanMapper: Record = {
 [AppRoles.EVENTS_MANAGER]: "Events Manager",
@@ -54,4 +62,5 @@ export const AppRoleHumanMapper: Record = {
 [AppRoles.MANAGE_EXTERNAL_MEMBERSHIP_LIST]: "External Membership List Manager",
 [AppRoles.ALL_ORG_MANAGER]: "Organization Definition Manager",
 [AppRoles.AT_LEAST_ONE_ORG_MANAGER]: "Manager of at least one org",
+ [AppRoles.VIEW_USER_INFO]: "User Information Viewer"
 }
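Review bot: In src/common/roles.ts (hunk `@@ -21,9 +23,15 @@`), the merged `AppRoles` still contains `MetaRoles.AT_LEAST_ONE_ORG_MANAGER`, so any schema or lookup outside this diff that validates assignable roles against `AppRoles` would keep accepting the meta role. Now that `BaseRoles` exists, role-assignment inputs should presumably validate against `BaseRoles` (or `allAppRoles`) and reject strings that start with `META_ROLE_PREFIX`, leaving `AppRoles` for route requirements only. The member's value also changes from `"manage:someOrg"` to the prefixed string, so any code that builds or compares this role by literal rather than through the enum needs the same update. Removing the `PSUEDO_ROLES` export will break any importer that is not part of this diff.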
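Review bot: In src/common/roles.ts (hunk `@@ -31,9 +39,9 @@`), `allAppRoles` now leaves meta roles out only because it iterates `BaseRoles`, and the comment that explained the exclusion was removed along with the `PSUEDO_ROLES` filter. A one-line comment above the declaration, such as `// BaseRoles only: meta roles are never assigned by default`, would stop a later refactor from switching it back to `AppRoles`. Since `VIEW_USER_INFO` is a `BaseRoles` member, it also joins `allAppRoles`, so whoever is granted that list gains the UIN lookup; it is worth confirming that this is intended. The remaining `typeof value === "string"` filter looks redundant for an all-string enum, as far as the visible members show.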