I am using the API and deploy tokens to upload my site from my continuous deployment, however to do this I need to give a personal access token which has complete access to my account including the user settings and all sites. It would be best if restricted credentials could be created. For my use case I would like a token which could only be used to upload a single site. However I can imagine other restrictions such as staging uploads only, upload+rollback and rollback-only credentials.
Good suggestion, Kevin! I’ll get a feature request created so we can track requests for this over time, as well as let you know if we do implement it!