There's no need to hack around with intercepting tokens from the frontend - users on the business plan have access to create API tokens for user invites and user attributes. Feel free to reference the docs for how to access - the scopes available to you on your plan will be visible in your specific API page under settings.