API Query - end user permission to Ragic data

Hi - am tinkering with the API and able to get/post data ok from my website (php) using basic authentication.
My end goal is to develop a web gui that respects permissions set within Ragic for reading/writing to ragic sheets.
Currently the Ragic API key I’m using (for testing only) is my own so website has access to everything in my Ragic DB.
Is there a way to have Ragic manage user authentication and maybe pass that user’s API key or set a session variable that allows me to know which Ragic user is logged in and manage user access / filtering etc from there ?
Or do i need to use a global API key in Ragic and then manage my own user authentication on my website managing data permissions of users and data perms myself in my own DB ?

It’s recommended that you create a separate user account dedicated for API access. But it’s also possible to do user password authentication with method described in this document: https://www.ragic.com/intl/en/doc-api/5/Password-authentication