When using the Ploi API you will need to configure the scopes (or so called permissions) for your API key. Ploi makes this very easy through our UI.
Each endpoint requires it's own scopes. For example, if you want to interact with cronjobs and cronjobs only, you will have to consider to only allow the cronjob scopes.
This allows much more customization per API token and protects routes that should not be triggered that easily or by accident. For example, you can avoid disaster by excluding the site deletion and server deletion scope so nothing gets removed accidentally.