API Permissions - Restricted Access

Hello, we have a partnership that requires a custom app to be created. We are allowing our partner to create the custom app and access our store via API.

Will they be able to access all of our store data (payments, customer, etc.) via the API, or is there a way to restrict their access to only the info that they need to work with?

Thanks