I definitely empathize but:
> There is no role-based access control for the Railway API — every token is effectively root. The Railway community has been asking for scoped tokens for years. It hasn't shipped.
Why the hell did you go with their stack then? RBAC should be table stakes for such a solution, no?
Ironic given that real railways invented the access control "token" for safety purposes in the middle of the nineteenth century: https://en.wikipedia.org/wiki/Token_(railway_signalling)