When we use app access tokens to create subscriptions for websocket shards, am I correct to assume the webhook authorization model is used where the scopes granted to the client_id by end users is relevant (since there is no user token used in the subscription creation)?
Also, does this imply that a single websocket shard can now receive privileged data for multiple users (unlike normal websockets that are limited to a single user_id)?
Lastly, given app access tokens are used, does max_total_cost of 10 still apply to websocket shards?