I don't understand the question.
Configuration elements can be updated in many ways (via REST API, via scripting code, via content import) but all of them require some sort of access to vRO, at least the user should have proper credentials to login and perform the update.
Could you provide more details on your use case? How do you envision your team to update something they don't have access to?