It would be great if there was a way to create API keys with limited access.

In my case, I would like my app servers and developers to pull in prompts from PromptLayer, but the API key used to do that should not be able to update the prompts (in case of compromise, etc).