TL;DR Can API key for a user be created through REST API with credentials of superadmin?
I have a backend system with its own AUTH mechanism. Users can be added and removed dynamically. I am using bugzilla for managing support tickets. We have our own front-end through which user will interact with the system. This includes creating bugs, adding comments, and doing various updates.
I want to be able to add users dynamically, which is possible through REST API in v5 (current stable). I cannot however add API key for a user dynamically. For now, I think doing the auth via loginid and password is the way to go. However, this is marked as "Will be removed in future", with recommended way for auth being the API key.