Using API Key and email in api v4 requests doesn't work as documented

The documentation for v4 of the api suggests that you can use the X-Auth-Email and X-Auth-Key to hit certain end points, like create zone, edit zone etc. But this simply does not work. I have only managed to get it to work using the Authorization header and using an API Token with the relevant permissions.

Trouble is, we offer a service where you have your own individual account with cloudflare and we make those api requests for you, so we can create users using the host-api and the user_create action, but and we can also use the same api and the full_zone_set action to create the zone under the users account. Both the user and the zone will be linked to our partner account.

But we then cannot edit the zone or make any changes using any of the v4 api end points as we have to use an auth token and the user does not have one. And it does not work using our own token either even though the zone should be linked to us, although belonging to the user.

We don’t want to ask the user to create a token manually as we are trying to offer a completely seamless automatic integration from our platform into cloudflare. I also cannot create a token for the user using the api as it requires a token for the user with the relevant permissions, so all a bit pointless.

Having said all that. Is there any way I can create an API token using the API that is then assigned to our user?