It would be great to have some kin of mechanism that limits the access tokens to only a certain organization. The use case for this is storing environment specific access secrets in CI tools.
For example, I want to deploy the staging version of my app to orgname-staging organization, while the prod version goes to orgname-prod organization. I use two different tokens for each, but as of today all tokens have full account access.
If it was possible to limit the organizational scope of access of the tokens to just a single organization, then it would be easier to maintain proper access controls to the prod environment. I.e. only devops have access to prod, while both dev+ devops have access to staging.
@jerome I’m also curious about more fine-grained permissions for API tokens.
We have a sensitive app we’d like to deploy with a GitHub action, but we’re concerned that anybody who can make a PR to that app could modify the workflow to exfiltrate the deployment token and gain further access to the app and its data.