Item-access-based activation of an item set for an item-restricted token associated with a primary token

What is claimed is: 1. A token generation and authentication system for facilitating item-related network operations across different third-party entity systems using item-restricted access tokens in place of one or more primary access tokens of a user account, the system comprising: one or more hardware processors and non-transitory computer readable media comprising instructions that, when executed by the one or more hardware processors, cause operations comprising: detecting, based on an image stream from a user device, first items accessible via a first website associated with a first third-party entity, the image stream representing a user of the user device browsing the first website and selecting the first items; binding, based on authentication of the user and the detection of the first items, an item-restricted access token for use restricted to network operations related to items matching the first items, wherein the item-restricted access token is linked to a primary access token of an account of the user; after the binding of the item-restricted access token, obtaining a request for a network operation related to candidate items accessible via a second website that is (i) not affiliated with the first website and (ii) associated with a second third-party entity different from the first third-party entity, the request indicating use of the item-restricted access token for accessing the candidate items; and performing validation of the network operation related the candidate items based on the item-restricted access token such that: (i) the validation indicates that the network operation related to the candidate items is valid in response to a determination that each item identifier of the candidate items is the same as at least one item identifier of the first items of the item-restricted access token; and (ii) the validation indicates that the network operation related to the candidate items is invalid in response to a determination that at least one item identifier of the candidate items fails to match any item identifier of the first items of the item-restricted access token, wherein the candidate items are provided by the second third-party entity for the user in response to the validation indicating that the network operation related to the candidate items is valid. 2. The system of claim 1 , the operations further comprising: after an activation of the item-restricted access token, detecting, based on monitoring of a subsequent image stream associated with the user, the candidate items accessible via the second website associated with the second third-party entity, the subsequent image stream representing the user browsing the candidate items on the second website; and storing, based on the detection of the candidate items, candidate item information in association with the item-restricted access token in a database, the candidate item information indicating (i) item identifiers of the candidate items and (ii) a browsing timestamp corresponding to the browsing of the second website, wherein the validation indicates that the network operation related to the candidate items is valid in response to a determination that (i) each of the indicated item identifiers of the candidate items is the same as at least one item identifier of the first items of the item-restricted access token and (ii) an action timestamp corresponding to the network operation matches the browsing timestamp. 3. A method comprising: detecting a first item accessible via a first website accessed by a user, the first website being associated with a first entity; binding, based on authentication of the user and the detection of the first item, an item-restricted token for accessing an item corresponding to the first item; after the binding of the item-restricted token, obtaining a request for an action related to a candidate item accessible via a second entity different from the first entity, the request indicating use of the item-restricted token for accessing the candidate item; providing training data to a prediction model to train the prediction model, wherein the training data comprises item-related training data; and performing validation of the action related to the candidate item based on providing, (i) candidate item-related data corresponding to the candidate item and (ii) item-related data corresponding to the first item obtained via the item-restricted token, as input to the trained prediction model to generate an output indicating whether the candidate item corresponds to the first item, wherein the validation validates the action related to the candidate item based on the output of the prediction model indicating that the candidate item corresponds to the first item of the item-restricted token. 4. The method of claim 3 , further comprising: determining a plurality of items sets comprising first and second item sets, the first item set comprising a first identifier associated with the first item and one or more other identifiers associated with other items accessible via the first website, the second item set comprising the first identifier without the one or more other identifiers; and causing, based on the detection of the first item, a notification to be presented at a user device of the user, the notification requesting a user selection of an item set from among the plurality of item sets to which the item-restricted token is to be bound, wherein binding the item-restricted token comprises binding, based on the user selection obtained via the notification, the item-restricted token to a user-selected item set corresponding to the user selection. 5. The method of claim 3 , further comprising: obtaining an access timestamp corresponding to access by the user of a second website associated with the second entity and an action timestamp corresponding to the action related to the candidate item, wherein the validation validates the action related to the candidate item based on (i) the candidate item matching the first item of the item-restricted token and (ii) the action timestamp matching the access timestamp. 6. The method of claim 3 , further comprising: after an activation of the item-restricted token, detecting candidate items accessible via a second website associated with the second entity accessed by the user; and storing, based on the detection of the candidate items, candidate item information in association with the user in a database, the candidate item information indicating (i) the candidate item and (ii) an access timestamp corresponding to the access of the second website by the user, wherein the validation validates the action related to the candidate item based on (i) the candidate item matching the first item of the item-restricted token and (ii) an action timestamp corresponding to the action matching the access timestamp. 7. The method of claim 3 , further comprising: obtaining a first access timestamp corresponding to the access of the first website by the user, a second access timestamp corresponding to access by the user of a second website associated with the second entity, and an action timestamp corresponding to the action; wherein the validation validates the action related to the candidate item based on (i) the candidate item matching the first item of the item-restricted token, (ii) the first access timestamp being within a time threshold of the second access timestamp, and (iii) the action timestamp matching the second access timestamp. 8. The method of claim 3 , wherein the validation validates the action related to the candidate item based on an item identifier of the candidate item being the same as an item identifier of the first item of the item-restricted token. 9. The method of