Introduce account and authorization.
- Each account has a password and is associated with every subscription that has the same email-address.
- Authentication at the API now requires the email-address and the account password.
- Authorization is based on the account derived from policies that are defined for each resource.
- Accounts can be flagged as "api_superadmin" by using a CLI-subcommand. api_superadmins may do any request at the API, regardless of subscription of admin-status.
relates #281 (closed)
Edited by Nina