Authentication

All api endpoints support three types of accounts.

Global accounts can always access the applications and account pools owned by said account. Global user accounts can also be members of Global organisation accounts, which usually grants them access rights to any account pool or application owned by those accounts as well.

Service accounts are API only accounts that basically impersonate another global account in the context of a specific application. This is useful to be able to limit access rights to what otherwise would be full access, but any activity performed would still be done as the global account identity.

Local accounts can only be used within the context of the account pool that it belongs to. Multiple applications can still use the same account pool, but are still limited to account pools owned by the same global account as the application.