- if api_client_auth && !api_client_auth.user.uuid.match(/-000000000000000$/)
- raise "Token already exists but is not a superuser token."
+ if !api_client_auth
+ # fall through to create a token
+ elsif !api_client_auth.user.uuid.match(/-000000000000000$/)
+ raise "Token exists but is not a superuser token."
+ elsif api_client_auth.scopes != ['all']
+ raise "Token exists but has limited scope #{api_client_auth.scopes.inspect}."