At present, Front API/OAuth tokens have very wide permissions, such as the "Shared Resources" token scope allowing read+write access to all shared resources. To help improve security, it would be great to support more granular scopes such as read/...