Http api call for api/datasources with api key or basic auth receives permission denied for Viewer or Editor roles

Is it expected behavior that an API key or User (basic auth) must be of Admin Role to obtain a list of the datasources (just listing no edit action)? or is there something I am missing regarding configuration.

Yes, that’s expected.