API key for read only use case needs delete:pages permission

[kmille]

Hey,
I need a read-only API key. It needs to list and get the content of the wiki pages. GraphQL (together with { "Authorization": "Bearer ...."}):

{
  pages {
    single(id: 183) {
      title
      content
    }
  }
}

The API key is assigend to a group. The query above works when the group has the delete:pages (Can delete existing pages, as specified in the Page Rules) permission. When I remove the permission, I get:

  "errors": [
    {
      "message": "You are not authorized to view this page.",

Is there anything I'm doing wrong here?