{
  "name": "accessToken",
  "base": "AccessToken",
  "baseUrl": "access-tokens",
  "acls": [
    {
      "accessType": "*",
      "permission": "DENY",
      "principalType": "ROLE",
      "principalId": "$everyone"
    },
    {
      "permission": "ALLOW",
      "principalType": "ROLE",
      "principalId": "$everyone",
      "property": "create"
    }
  ]
}