Subaccount could work with superaccount data by providing "forLogin" field.
Content-Type: application/json
{"login":"subaccount login", "password":"subaccount pwd", "forLogin": "superaccount login"}
In this case, returned token allows you to manage superaccount information in same way as you work with API methods directly for your own account.
The corresponding rights have to been granted by superaccount in order for operation to succeed.
For example, if superaccount grants read only rights to monitoring tasks, the returned token will allow you to fetch
monitoring information, but POST, PUT, PATCH, DELETE methods that alter monitoring state will be prohibited.