You can create them via API, my question is if we can somehow limit the scope of an API key for that. Currently an API key scope can be limited to reading data explorer queries, but it doesn’t give an option to limit a scope to writing.
So today, if I want to give someone in my business the ability to write queries to data explorer, I have to give them a full global admin API key.