So far the packages does not allow that, but that’s probably possible as we do such thing with many others apps.
First I would encourage you to open an issue on the repo for this app, that way, it could be done in a future update. (Even though that app is currently waiting for a new packager)
Unfortunately, authorizing only to read paste isn’t that easy.
I don’t know that app (as I don’t use it myself), but the thing is you have to identify what are the pages that have to be private and the format of the url for a paste.
(Actually having a look on the official demo…)
As far as I can see, there’s no other pages than the root of the app and the pastes.
And all pastes start with a ‘?’
I think you should try with the app public and add
sudo yunohost app setting zerobin protected_regex -v "domain.tld/path/$"
Which should protect only the root of the app.
And if it doesn’t work, try the opposite.
Keep the app private and add
sudo yunohost app setting zerobin unprotected_regex -v "domain.tld/path/\?.*$"
After any modification, you have to update your config with
sudo yunohost app ssowatconf
Also, in case you have ‘-’ in your domain name, replace them by a ‘.’ for the regex.