The documentation of the allusers API module says:
aurights: Only include users with the given rights. Does not include rights granted by implicit or auto-promoted groups like *, user, or autoconfirmed.
A similar restriction applies to the augroup parameter, although it's not explicitly documented.
I can't fathom why this restriction exists in the first place, if not for technical limitations in the current code. It would be nice to remove this restriction and accept all groups and rights. So much so because of a counterintuitive behaviour that I will mention below.
I can also provide a use case for this: the Campaigns team would like to have a form with an UsersMultiselect component. Ideally, this component would only suggest users who have a certain user right. UsersMultiselect uses the allusers API to obtain a list of users, and it looks like it would be simple enough to add support for passing the aurights parameter. However, the right in question is assigned to all users by default, and therefore cannot be passed to the allusers API.
And here's the counterintuitive behaviour: say you have a user right assigned to the user group. If you execute the request api.php?action=query&format=json&list=allusers&formatversion=2&aurights=my-user-right, the API responds with an empty set. By reading the documentation one should already expect that they won't get a list of users with that right, but at least they could think they'll get an unfiltered list of users. Instead, for some reason it just returns absolutely nothing (skimming through the code, I suspect it's because it queries the DB directly and certain user group memberships aren't stored in the DB). Note that implicit groups cannot be passed to augroup, but at least if you execute api.php?action=query&format=json&list=allusers&formatversion=2&augroup=user the response contains a warning that the value is invalid, as well as the unfiltered list of users.