am I right that access tokens have all capabilities of a user? so there is currently no way to limit token to certain stacks or restrict whether it can create new stack or not for instance?

If your organization is on a Team or Enterprise plan (or free trial), you’ll see a Teams tab in the Pulumi console that lets you ascribe stack-specific permissions to a team, yes.