This worked for me. I had a CI/CD pipeline that was using app specific login credentials to submit a binary to be notarized. This morning I switched to Apple Connect API keys, and now the submission is successful. It appears that Apple doesn't know that their developer services authentication for app specific logins is not working.

NLTeo's post below worked for me.

I think what those terms mean is that you can't build a third party service that makes use of the Connect API to provide services. But of course you can use the Connect API to submit your own apps for notarization.