+Authorize AppConfig fragment writes by a fixed per-scope rule: a superadmin may write any scope, and any other authenticated caller may write only their own user-scope fragment (domain/public are superadmin-only). Fragment write endpoints move from superadmin-only to authenticated with per-write scope checks (BEP-1052).
0 commit comments