ACL per credential

Hi all,

I am currently working on implementing the Kong Gateway in existing infrastructure.
The problem I am having is that I either do not fully understand the ACL plugin in Kong or this is not possible for some reason.

I want to allow certain credentials to only be allowed to use certain API’s. Meaning a credential of a consumer. I need consumers to have multiple credentials, each for a different API/service. Instead of allowing all credentials from the consumer to access the configured API’s.

Is this something that is possible, if so, how?