We have reworked the authentication for the REST API to be API-Token based instead of using OAuth. The scope of an API Token is always an organization and not the user itself and only admins can create API Tokens for an organization.
Applications with “Standard” and “Basic” license now automatically expose the REST API. Before today you had to have a feature flag enabled as well to access the REST API.
Admins can generate API tokens by clicking on “Organizations” then “API Access” from the dropdown menu in the top right.