Basically an API key is linked to an account. It inherits the access rights of that account. So if it only has read-only access to a certain network it will only be able to execute the GET calls pertaining to that network. I just tested this and with an account that only has read-only access to a certain network I can execute this for that network: {{baseUrl}}/networks/{{networkId}}/devices But I can't do for example: {{baseUrl}}/organizations/{{organizationId}}/deviceStatuses {{baseUrl}}/organizations/{{organizationId}}/networks So I guess it works as you should expect it to. You can execute the calls that do the same thing you would be able to do via dashboard with your account.
... View more
