How do you distribute an npm private package to customers?

There are lots of use cases for teams leveraging private npm packages for internal purposes. Is there a model in github for to distributing access to a private package to external customers? Basically subscription access to an npm package. Each customer would get their own npm access token giving them access to the private package. When they leave their access token would be removed and they wouldn’t be able to access the package anymore.

Ideally I could create an access token via api when the customer is created and provide it to them to install the package and delete the token when they cancel.

From what I can tell github apis can’t create access tokens for security reasons. Is there something I’m missing that would allow me to distribute access to a private package programmatically in github? Thanks