Restrict credentials across team members for data sources and destinations#1407

The scenario is as follows:

• Client opens a Windsor account
• Me (agency) is added as team member
• I use my login credentials across destinations: GA, Google Ads, Meta
• I use my login credentials to write to BigQuery

This is the current result of this scenario:

• All team members have now access to all my data. Including other clients GA4 properties, Google Ads, data etc
• All team members can now write to any BigQuery destination I have access to, including other clients.
• I have no way to limit access for my credentials across team members.
• There isn’t even a good way to remove my credentials from the team (support says removal from team would do the trick, but this is not the case)

This is the expected result of given scenario:

• Team members only have access to accounts and properties that I add through my credentials.
• Team members cannot write to other BigQuery destinations, other than the dataset I have added.
• Removing credentials is a one-click process, no need to remove account from team.