At the moment we have to use the API token endpoint to generate tokens for users which is cumbersome. We would like to see a self service option. Of course, any tokens should be configured to only be scopeable to permissions the user already has.