All actions in the Poppulo system are subject to security checks. These checks are performed against the user's role. For example, an API Subscriber Role would not have access to the “Content” and “Mailing” areas of the system. By using a suitably restricted role for your API user, you can limit the areas the API program can access.
Attempting to make a call that is not available from the user's role results in a security error.