User Activity

Is there a way to restrict a user to one REST endpoint? i.e. an integration user account has itil role, but can only hit one scripted rest api endpoint ACLs don't appear to be useable for this, because the first ACL that passes will provide access to...
Helpfuls given to