I'd like to create programmatically via API a new Account for accessing my Google Cloud Platform.
I'm already doing it for GSUITE (provisioning users via OAUTH), is it possible to do the same also with Google Cloud Platform?
Is it possible to do it for an "non-google" external account maybe with an invitation on the email?
Having already the setup for OAUTH in GSuite, is it possible to use the same token / account to perform also this operations (maybe assigning more scopes)?
Are this API (https://cloud.google.com/iam/docs/granting-changing-revoking-access) the only available?
Updating the IAM policy is indeed the only way to use an API to grant access on a "pure GCP" level.
However, you can give a role in a project to a Google Group (or a few, if you require different access levels), and then simply manage the group using the GSuite Admin SDK.