Will be nice to move Frontend access (enable/disable) and Auth method (Internal/LDAP/etc.) separatelly to roles configuration, like checkbox for API access.

This is useful for create API users with disabled Frontend access and separate Auth method, e.g. one API users have internal auth and other LDAP.