We are building a backend service to pull historical analytics and need to decide between client_credentials and authorization_code grant types. Since this runs without user interaction, we assume client_credentials is the way to go, but we are seeing 403 Forbidden errors on /api/v2/analytics/users/summary when using the token generated from our service account. Is this endpoint restricted to user-scoped tokens only?