Our current authentication/authorization model only allows for a single team in the access token. We need to be more generic to support multiple teams in token.

Some POST APIs need to be updated to explicitly state which team their resource should belong to, instead of relying on the team inside the token. This will cause breaking changes to the API.

Some GET APIs will also need to be more flexible in returning a list of resources for ALL teams in the token. Some of the database interfaces will need to be modified to accept a list of teams.