Open
Description
Currently, access tokens are scoped to the user account.
I use these tokens to automate Hackage releases.
For packages that I co-maintain with a group of people, I would strongly prefer the ability to create tokens scoped to individual packages (or a group of packages) only.
As a side note, in addition to
Authorization: X-ApiKey [YOUR-TOKEN-HERE]
should the API also accept the more standard
Authorization: Bearer [YOUR-TOKEN-HERE]
?