Regular API key provides you with access to the entire set of products. It is also possible to limit that by assigning a segment while creating the key. If assigned the consumer will only have an access to the products which are available in the specific segment. This also means that, if write access is granted, you'll be able only to modify the data of products available within the segment. The only exception from that is when the product is created in batch request with further mutations - though possibly not yet part of the segment since you are the creator of it you can modify its data within this request.