When creating an API token, can I grant it permissions that my own user does not have?
No, when you create an API token, the permissions granted to that token are restricted to the permissions that you are assigned. If you try to assign permissions you do not possess, you will receive the following error:
You don't have 1 or more of the selected permissions and therefore you can't assign them elsewhere