html_url,issue_url,id,node_id,user,created_at,updated_at,author_association,body,reactions,issue,performed_via_github_app https://github.com/simonw/datasette/issues/1852#issuecomment-1291277913,https://api.github.com/repos/simonw/datasette/issues/1852,1291277913,IC_kwDOBm6k_c5M91ZZ,4399499,2022-10-26T00:26:11Z,2022-10-26T00:26:11Z,NONE,"> On that basis, I think the model described above where tokens mainly work to provide an ""act on behalf of this actor"" - but with optional additional constraints - is a good one. This is what we do for Sandstorm essentially and I fully agree it's the right way to do API tokens in multiuser systems. Constraints will definitely be important though. I know I want a token to submit error reports programmatically, but I wouldn't want that token to convey my right to delete tables and records, Little Bobby Tables is out there somewhere, and he's all grown up now.","{""total_count"": 0, ""+1"": 0, ""-1"": 0, ""laugh"": 0, ""hooray"": 0, ""confused"": 0, ""heart"": 0, ""rocket"": 0, ""eyes"": 0}",1421552095,