During app installation, permit getting a special OAuth token which has very limited scope: account:read only, and app_subscription. This shouldn’t have a user associated with it so it always will work even if someone leaves the account.
This token with limited scope would let us ensure records are updated internally for subscriptions, account sizes, the account slug (so we can ensure its correct for lookups in our backend and support purposes)