Access Tokens unconditionally grant global read/write permissions. It would be great if we could mint tokens with granular permissions (or even just a coarse-grained "read-only" variant) to safely limit third-party access.
This is especially relevant when connecting AI agents, where granting full write capabilities can be a massive liability. For example, I ended up building a read-only MCP server[1] that filters out write endpoints at the MCP layer... but it would have been great to avoid this side-quest altogether, had there been native API-level token scope support.
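The kind of MCP-layer filter described above can be sketched as a default-deny wrapper: the read-only server takes the upstream tool catalogue, exposes only tools whose underlying HTTP method is GET or HEAD (minus any GET routes known to have side effects), and refuses every call for a tool that was filtered out. This is an added illustration and not the poster's read-only MCP server or any real MCP SDK; the `Tool` dataclass, the `ReadOnlyMcpServer` class, the sample tool catalogue and the side-effect denylist path are all constructed for the example.

```python
"""Read-only guard for an MCP-style tool catalogue (added example).

Assumptions (not from the original post): every tool wraps exactly one HTTP
endpoint described by (method, path); "read-only" means the method is GET or
HEAD and the path is not on a denylist of GET routes that mutate state anyway.
"""
from dataclasses import dataclass
from typing import Callable, Dict, Iterable, List

READ_METHODS = {"GET", "HEAD"}

# Hypothetical: GET routes that kick off a job or otherwise change state, so
# "GET means read" is not enough on its own. Constructed for this example.
SIDE_EFFECT_GET_PATHS = {"/v1/export/start"}


@dataclass(frozen=True)
class Tool:
    name: str
    method: str
    path: str


class WriteToolError(PermissionError):
    """Raised when a caller tries to reach a tool the read-only layer hides."""


def is_read_only(tool: Tool) -> bool:
    """True only for GET/HEAD tools that are not on the side-effect denylist."""
    return tool.method.upper() in READ_METHODS and tool.path not in SIDE_EFFECT_GET_PATHS


def filter_read_only(tools: Iterable[Tool]) -> List[Tool]:
    """Drop every tool that could write; the result is what gets advertised."""
    return [t for t in tools if is_read_only(t)]


class ReadOnlyMcpServer:
    """Wraps an upstream tool set and forwards only read-only calls.

    `upstream_call` stands in for whatever actually performs the HTTP request
    with the full-permission token; the agent never sees that token.
    """

    def __init__(self, upstream_tools: Iterable[Tool],
                 upstream_call: Callable[..., object]) -> None:
        self._tools: Dict[str, Tool] = {t.name: t for t in filter_read_only(upstream_tools)}
        self._call = upstream_call

    def list_tools(self) -> List[str]:
        return sorted(self._tools)

    def call_tool(self, name: str, **args: object) -> object:
        # Default deny: anything not in the filtered catalogue is refused,
        # including write tools the agent may have learned about elsewhere.
        tool = self._tools.get(name)
        if tool is None:
            raise WriteToolError(f"tool {name!r} is not exposed by the read-only server")
        return self._call(tool, **args)


# Constructed upstream catalogue: two reads, two writes, one side-effecting GET.
UPSTREAM_TOOLS = [
    Tool("list_items", "GET", "/v1/items"),
    Tool("get_item", "GET", "/v1/items/{id}"),
    Tool("create_item", "POST", "/v1/items"),
    Tool("delete_item", "DELETE", "/v1/items/{id}"),
    Tool("start_export", "GET", "/v1/export/start"),
]


def fake_upstream_call(tool: Tool, **args: object) -> dict:
    """Stand-in for the real API client; records what would have been sent."""
    return {"method": tool.method, "path": tool.path, "args": args}


def build_server() -> ReadOnlyMcpServer:
    return ReadOnlyMcpServer(UPSTREAM_TOOLS, fake_upstream_call)


if __name__ == "__main__":
    server = build_server()
    print("exposed tools:", server.list_tools())
    print("get_item ->", server.call_tool("get_item", id=42))
    try:
        server.call_tool("delete_item", id=42)
    except WriteToolError as exc:
        print("refused:", exc)
```

The point of filtering at catalogue-build time and again at call time is that the agent's view of the API and its ability to invoke it are both constrained; a tool that is merely hidden from `list_tools` but still callable would not be read-only in any useful sense.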