We want to setup a generic user + token to provide access to our installation. What is the strictest possible user role/rights setup to allow all API queries? The API seems to be read only currently, but that may probably change in the future - that’s why we want to setup the user as restricted as possible.
I gave the user “reader” and “indexer” rights, but that leaves the submissions query empty for example. Is there any recommendation on setting up a user like this?
I’d encourage you to have a look at that first. If you don’t find a solution that you’re looking for, let us know, and we’ll see where we can go from there.