From a security point of view it makes sense, mods shouldn’t be able to delegate permission to access things like this for someone elses channel to a 3rd party without the broadcasters permission. Should the app misuse the API endpoints, the broadcaster themselves would have no possibility to revoke that permission as it would be the mod who has the connection to the 3rd party app, and the broadcaster may not know which mod is responsible.
There’s nothing stopping any app developer to create a permissions system on your side to allows mods to interact with these endpoints, you just need the broadcaster to first grant your app access to use these features on their channel.