Currently, We are leveraging Teams with active sync Generally an LDAP group for viewers and an LDAP group for Admins/editors. Each Team is assigned a folder with proper permissions on it as well
What we appear to have discovered is that any folder that has permissions on it is only able to be queried by an API key with ADMIN rights on it.
Current Use Situation:
Team has created several dashboards and would like to dynamically build a list on an external website with information about the dashboards.
As the folder/dashboards are protected based on the team rights any level of API access less than admin results in no results being returned in the API.
As multiple teams exist this allows any of the teams to see/modify/delete/create dashboards in other teams folders