We want to be able to specify which APIs a client can access. This is a several phase project involving

phase 1: back-patch old customers

• Adding some sort of permissions column to associate permitted APIs with a client
• Back-patching all existing client ids to have total access with the new system
• Update API client_id check to see if a specific API is permitted.

phase 2: allow new customers

• Updating Registration API to permit specific APIs upon registration.
• Improve registration UI to have checkboxes for requested APIs (and an automatic / manual approval flow on our end)