Introduce a new token type called Embedded Token that can be issued in exchange for an API key, so that the embeddable Control Centre widget can authenticate securely without relying on user sessions or login tokens. This will enable lightweight, stateless authentication for embedded or system-level integrations where user context (such as user_id or role_id) is not required.