I want offer my end users the ability to invoke a Port self-service action at the end of their gitlab pipelines, but sharing around a superuser clientID and secret doesn't feel great.