It would be great if Kinvey had a Business Logic module for generating some kind of limited access token for a given user. By limited I mean only valid for a certain time and ideally with some kind of permissions built in. The primary use case of this would be to send to users in emails so they could call something in the backend without first having to login. This is useful for handling invites or some kind of confirm/save/rsvp action (see Google's "Actions in the Inbox").
Ideally we could pass this access token in the query string to an endpoint instead of the Authorization header so we could make links that perform actions directly on the backend.