Internal user group and special permissions
Needs rebase from !228 (merged)
Adds a "internal" user group whose users have their tokens restricted to internal access (localhost or Docker). All other users cannot be used for internal requests.
Edited by Erwan Rouchet