We have the following use case.
1000000 users on our main plateform.
100 on our discourse instance, with SSO enable.
1 closed category with a group of 20 people within
Someone from this group ask me to add 1 person from our 1000000 users.
Lo-tech Solution: ask the person to come twice, once to create the user on discourse side, then I put the user in the group, then the person come the second time to access the content we want for her.
High-tech Solution: use the API to create the missing user, put her in the group, send her the invite.
Later: Do it for 1000000 users and the 20 closed groups we need to manage our community.