I'm looking for a way to allow access via a WP woocommerce shop pushing orders to the Magento shop using SOAP. Problem however is how I am able to only give out access to one (new) storeview, so not all info can be access if anything goes wrong.
I hope someone is able to point me in the right direction.
By default you won't be able to set that restriction.
You should add some check to valiate the request and the actions over the endpoint (setting the website/store view ids).
I'm not fully sure but maybe this link can help you to start to explore: https://magento.stackexchange.com/questions/133582/limit-rest-api-access-to-specific-store-view