The document discusses a data API with graph-level access control for managing queries and updates. It summarizes existing approaches that allow predefined parameterized queries subject to access controls and rewriting. It then outlines the British Museum's approach, which uses a RESTful API to manage queries and updates as resources with parameters, scheduling, and testing. Finally, it describes the ResearchSpace platform for enabling researchers to make claims on GLAM data while preserving canonical data across institutions.