We added a new permission to the API key generation process, enabling you to restrict an API key to "View Only" permissions.
When linking an API key to a user, you're linking the user's permissions to the key. Now, you can restrict the permissions of the user's API key to GET requests only.
For more information, see Generate an API key.
Now, when using the API to create or edit an API key, add the restricted_to_role_id parameter to your request and include the new 102 value to limit the API key to GET requests only.
Example request for Create key endpoint