Are there any settings that would allow a user to use SuiteTalk with token based auth, but not allow the same user to access a restlet with the same tokens?