Does the security on the API work the same as the user interface? i.e. A user can only see those projects where he has the rights to see and or read/update?
Release : 16.0.3, 16.1, 16.1.1
Clarity Access Rights also control what the user can do over the REST API
If the user tries to pull back / GET something they do not have View access rights to or if they try to update (PATCH/POST) something they do not have Edit access to, they will get this error