[API][FR] Describe Permissions for API Key and Token Returns

Feature Request:

The ability to discover the permissions associated with an API key or a Token.

Currently for tokens I am storing the requested scopes, but I don't have a good way to ensure that the scopes were accepted as submitted. perhaps including granted scopes in the token response?

For API Keys I am not aware of a way currently to check if permissions exist for using endpoints such as: POST /types or POST /types/{type_id}/issues

Why this would be useful:

Being able to discover this info would allow developers to 'fail early and fast' with regards to attempting to try something that wont be allowed. This helps reduce load (trivial) on the API, as well as give better verbose logging.

ERROR: You do not have permissions on this API Key to add a type to the catalog, please contact Numista support to obtain the permission: {permission}

Vs

ERROR: Invalid or missing API key, or insufficient permission

Hello,
When you get an error 401 when trying to do POST /types, the error message will indicate the specific reason: "Missing API Key", "Invalid API Key" or "Permission denied".

I understand that the message is returned, here is output from the python sdk.

{'data': {'error_message': 'Permission denied'}, 'http_info': {'http_status': 401, 'http_msg': 'Invalid or missing API key, or insufficient permission'}, 'failed': False, 'extra': {'requests': <Response [401]>}}

My point is that a 'describe' endpoint would be useful for allowing permission to be discoverable, rather that attempting and failing.

Regardless, if this won't be changed, then I will just disregard. Thank you for the response!