minimal admin rights on miniserver

This is plugin specific.

Never tested that with the new permission system, and in all cases where people had problems, never a detailed conclusion was mentioned.

Most permissions are required by Miniserver Backup and Stats4Lox, as they require file system access.

Not a single plugin requires FTP permission.

Loxone themselves had not updated their permission requirement documentation to the new permission system: https://www.loxone.com/dede/kb/webservices/

If you would like to test, where the outcome might be a wiki article, here are some further infos:

Plugins sending data via UDP to the Miniserver, no specific permissions are required.

Plugins sending via http require permissions to the webservice commands http://miniserver/dev/sps/io/<Blockname> and /jdev/sps/io/<Blockname>

Plugins with file system requests use http://miniserver/dev/fslist/ requests (e.g. Miniserver Backup, Stats4Lox)

S4L also accesses your Visu structure file http://miniserver/data/LoxAPP3.json to identify config changes.

For statistics import, S4L uses http://miniserver/stats requests.

LoxBerry itself optionally use http://miniserver/dev/lan/txp requests to optimize caching behavior of the http sending library (to detect a Miniserver reboot), but also works without access.

To syncing time to the Miniserver (optionally activatable in the Services widget) LoxBerry uses the http://miniserver/dev/sys/time request.

This could be the base for testing of specific permissions.

Thanks for a very clear explanation!
I for now made a Loxberry user that is not an admin (Loxberry mentions that there may be issues with plugins) and will just see as it goes if things are broken. First debug step would be to give the Loxberry user admin rights and then work down from that.
Thanks!!!