1 of 1 people found this helpful
It depends how is your PI Web API connected to the PI Data Archive.You can see that connected user information in the connection details through PI SMT.
You can assign that user to an Identity/Mappings which has Read/Write permission to the required tags only.
Please note that PI Point and Data security identities are inherited from Database PIPoint security and automatically added to newly created PI Point by default if not specified and cannot be be removed or restrict by default. Request you to use PI Builder to manager security PtSecurity and DataSecurity.