I am trying to use the Onelogin API with granular access to roles. This is similar to how a User would be granted access to manage specific roles.
When creating an API credential pair I noticed there is no option to restrict access to specific roles that the API would manage.
The issue with this is that the access token has too much permissions and hence poses security concerns.
I created a credential pair with manage users/roles. This token gave access to manage all users.
Is it possible to limit what roles an API token can access?