If you are using orchestrator http request activity then depending on the robot access it has they would be able to get all the details
If using api from external provider then while providing scope in external provider you can provider different scopes as needed and provide the details to end user based on what ypu want them to access
1.Define roles with specific permissions that align with the desired level of API access for each user. You can assign these roles to users or groups in Orchestrator.
2.Set up Role-Based Access Control in Orchestrator. RBAC allows you to control what users or roles can do within Orchestrator, including API access.
Assign the appropriate roles to each user based on their responsibilities and required level of API access. Users will have access to API calls permitted by their assigned roles.
Test the API calls with different user accounts to ensure that they can only access the allowed APIs based on their assigned roles.