T303858 created a no-ipinfo group to revoke access to IPInfo for individual users in a given project. However, no user can, by default, add or remove anyone to or from that group.
On Wikimedia wikis, stewards and some WMF staff members in privileged local or global user groups are able to. Apparently this is how the Foundation wanted it for now per the guidelines.
While for now IPInfo is not offering any data not already visible or available, this is probably not urgent, but as the IP masking project progresses, it'd be good to determine if we want to allow local users to manage this group, and if so, which one(s).
I suggest we allow administrators to add/remove users to/from that group via the IPInfo extension.json.
Partially off-topic question: what do we do if we need to revoke an user access to IPInfo globally, across several or all Wikimedia projects? CentralAuth's global user rights, as far as I know, do not support a function such as $wgRevokePermissions, and adding the no-ipinfo group on 700+ wikis, manually, does not scale.
Thanks.