Ansible Automation Platform RFEs: AAPRFE-2714

Introduce "API-Only" (Non-Interactive) User Accounts

      1. What is the nature and description of the request?

      Introduce "API-Only" (Non-Interactive) User Accounts 

      2. Why does the customer need this? (List the business requirements here)

      To comply with audit and security recommendations that require technical accounts to only have access to the AAP API, blocking login to the interface.

      3. How would you like to achieve this? (List the functional requirements here)

      Introduction of a user-level flag (e.g., `is_service_account: true` or `api_only: true`). When this flag is enabled on a user profile:

      1. The system explicitly rejects any interactive login attempts (username/password or SSO) to the Web UI, returning a 403 Forbidden.
      2. The system continues to accept programmatic REST API requests authenticated via OAuth2 Bearer Tokens (PATs) associated with the account.
      3. The account is restricted from generating session-based cookies.

       

              rh-ee-rreed Ron Reed
              rhn-support-goconnor Grainne OConnor
                Created:
                Updated:
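The three functional requirements above, sketched as a WSGI middleware. This is an added example, not part of the request and not AAP code: the class, the `auth.user` / `auth.method` environ keys, the `sessionid` cookie name and the account names are all hypothetical, and it assumes an upstream layer has already authenticated the request.

```python
"""Illustration only: hypothetical WSGI middleware, not AAP code."""

SESSION_COOKIE = "sessionid"   # assumed name of the session cookie
API_ONLY = {"svc-ci"}          # constructed: accounts with api_only: true


class ApiOnlyEnforcer:
    """Assumes an upstream auth layer sets environ['auth.user'] and
    environ['auth.method'] to 'password', 'sso' or 'token'."""

    def __init__(self, app, api_only_users):
        self.app = app
        self.api_only_users = api_only_users

    def __call__(self, environ, start_response):
        if environ.get("auth.user") not in self.api_only_users:
            return self.app(environ, start_response)   # normal account
        if environ.get("auth.method") != "token":
            # Requirement 1: interactive login (password or SSO) gets 403.
            start_response("403 Forbidden", [("Content-Type", "text/plain")])
            return [b"interactive login is disabled for this account\n"]

        def guarded(status, headers, exc_info=None):
            # Requirement 3: drop any session cookie the app tries to set.
            kept = [(k, v) for k, v in headers
                    if not (k.lower() == "set-cookie"
                            and v.split("=", 1)[0].strip() == SESSION_COOKIE)]
            return start_response(status, kept, exc_info)

        # Requirement 2: bearer-token API requests pass through.
        return self.app(environ, guarded)


def demo_app(environ, start_response):
    """Constructed downstream app that always tries to start a session."""
    start_response("200 OK", [("Content-Type", "application/json"),
                              ("Set-Cookie", SESSION_COOKIE + "=abc123; HttpOnly")])
    return [b"{}"]


def simulate(user, method):
    """Return (status, session_cookie_was_set) for one constructed request."""
    seen = {}
    def start_response(status, headers, exc_info=None):
        seen["status"], seen["headers"] = status, headers
    ApiOnlyEnforcer(demo_app, API_ONLY)(
        {"auth.user": user, "auth.method": method}, start_response)
    cookie = any(k.lower() == "set-cookie" for k, _ in seen["headers"])
    return seen["status"], cookie
```

Enforcing the cookie rule on the response path, rather than only at the login view, means a token-authenticated request cannot acquire a browser session through some other endpoint that starts one.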