I recently learned that with version 12 comes the possibility to use roles with the REST API, but only when using token based authentication.

That’s fantastic! Finally there is a secure way of using the REST API without handing over administrative access.

Adding an example in Powershell and a link to an article on Devcentral about how to do it in Python.

Updating with code from the Powershell Guru Joel Newton on how to patch the token to make it valid for 10 hours instead of the default 20 minutes:

I also recommend checking out Joels Powershell module at the Devcentral codeshare!