As the bot now supports password-based login we could also move away from using access tokens at all. This would mean that the bot must be an admin user (security relevant) but also make it easier to deploy (see https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/2723).
the bot could then use either the access token it uses for messaging or an access token obtained for this purpose to interact with the admin API
As the bot now supports password-based login we could also move away from using access tokens at all. This would mean that the bot must be an admin user (security relevant) but also make it easier to deploy (see https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/2723).
the bot could then use either the access token it uses for messaging or an access token obtained for this purpose to interact with the admin API