Users & Permissions Plugin > Roles > Authenticated does not recognize plugin::foo.bar either.
It seems that API and Role permissions only recognize content types with routes. It seems fair that the permissions for plugin::foo.bar cannot be configured because it does not have the associated routes, but then I’m starting to wonder why it allows population with Full Access and Read-only API tokens in the first place. Why is it possible for these types of API tokens to populate it despite there are no routes for it?