The web api tokens have an all or nothing sort of capability.
I am running a sonar enterprise server and would like to include one of the tokens with my plugin so I can automatically bind the github repo to sonar project via devops integration (api/alm_settings/set_binding), but in order to do this I need to include a user token which gives whoever has access to the token complete admin access. It’s too risky to do this and there is no built in function with any of the sonar plugins to do this.
It should be possible to create a token that can only do one very specific action.