API credentials inherit the same user privileges as the creator, thereby receiving identical Role-Based Access Control (RBAC) permissions. We would like to make this process bind at tenant level not only user