Limit the Access Tokens feature to admins (or set a minimum user level)

Description

Every user can pull an API access token. Many admins have to support whatever their users have access to. Some admins (such as us) want to limit the functionality that is offered to the users in order to minimize confusion and/or support requests.

Proposal

To have a system setting to:

• limit the Access Tokens feature to only Admins and/or
• set a minimum user level for users to gain access to the API token level (e.g. masters-and-above).

If this is implemented, the option should also be removed from the user GUI for users that don't have access (to minimize clutter).