Fleet scoped API-only users: limit API token access by endpoint

Fleet 4.85.0 introduces scoped API-only users, a new user type that limits API tokens to specific endpoints. If a token is compromised, the blast radius is limited to only the endpoints you allowed. API-only users have two layers of access control. The first is role-based, working the same as regular users with global or per-team roles. The second is at the API layer, where you specify exactly which API endpoints the user can access. Create API-only users from the Fleet UI, fleetctl, or the REST API. No email or password is required. All actions are logged in the activity feed. GitHub issue: https://github.com/fleetdm/fleet/issues/38044 Fleet 4.85.0 release notes - https://fleetdm.com/releases/fleet-4-85-0?utm_medium=SOC&utm_source=youtube&utm_campaign=Default-SOC-Social&utm_content=release_feature_highlights Learn more about Fleet - https://fleetdm.com?utm_medium=SOC&utm_source=youtube&utm_campaign=Default-SOC-Social&utm_content=release_feature_highlights