[Docs] Provide basic info about how to create a read-only api user

[mandrasch]

I tried out KQL with astro (https://astro.build/) recently, it took me some time to figure out how to create an read-only api user for authentication with the API.

Just as improvement suggestions for the README of this plugin, feel free to just close if not relevant ;-)

I just read pages via API by now, I guess files.read should also be enabled? I created the following user role:

---

Create an api user role in site/blueprints/users/api.yml and add a new user in the panel with that role:

title: Api
description: Api users, read-only
permissions:
  access:
    panel: true
    site: false
    languages: false
    system: false
    users: false
  files:
    create: false
    changeName: false
    delete: false
    read: false
    replace: false
    update: false
  languages:
    create: false
    delete: false
  pages:
    changeSlug: false
    changeStatus: false
    changeTemplate: false
    changeTitle: false
    create: false
    delete: false
    duplicate: false
    preview: false
    read: true
    sort: false
    update: false
  site:
    changeTitle: false
    update: false
  user:
    changeEmail: false
    changeLanguage: false
    changeName: false
    changePassword: false
    changeRole: false
    delete: false
    update: false
  users:
    changeEmail: false
    changeLanguage: false
    changeName: false
    changePassword: false
    changeRole: false
    create: false
    delete: false
    update: false

[lukasbestle]

You can shorten that to:

title: Api
description: Api users, read-only
permissions:
  access:
    *: false
    panel: true
  files: false
  languages: false
  pages:
    *: false
    read: true
  site: false
  user: false
  users: false

[scsskid]

its now possible to remove auth

#31 (comment)

[lukasbestle]

A read-only API user could still be useful if you don't want to allow public access but just access by your static site generator or another backend tool.