Docs feedback: Need to document required permissions

https://docs.gitlab.com/ee/user/packages/npm_registry/

This document advises users to use a PAT to read from an NPM registry. Intuitively, the read_registry scope seems like it should do the trick, but it doesn't. The required scope is api, but that's not in the docs anywhere that I can find. It should be.