Nexus Repository 3 provides REST API calls to list users and roles with associated privileges.
REST API to list users (Nexus Repository 3.17+):
curl -X GET "http://localhost:8081/service/rest/beta/security/users" -H "accept: application/json" -u <user>:<password>
The output from this call includes roles assigned to the users.
REST API to list roles (Nexus Repository 3.19+):
curl -X GET "http://localhost:8081/service/rest/beta/security/roles" -H "accept: application/json" -u <user>:<password>
The output from this call includes the privileges assigned to roles.
Output for both of these calls includes users and groups from both the default and LDAP realms.
More documentation is available here:
https://help.sonatype.com/repomanager3/rest-and-integration-api/security-management-api
Nexus Repository 3 provides a user interface under System > API which can be used to generate and test these commands in your environment.