Sure would be helpful.
You have to refresh your “not a robot” oauth2 token about every week to then use another endpoint to get a session key.
Access by a regular API key would basically be a “how much is this account worth” tool for leaked keys. The opposite of using such an endpoint to monitor unauthorized spending.