Why do I need a backend implementation for just simply resening a verification email?

Hello, so I want to force users to verify their email by restricting features. But I also want to implement a simple form where user resend the confirmation email if they have not gotten one from signing up.

I tried doing this with getAccessTokenSilently, but I found out I cannot give update:users permission for the https://{domain}/api/v2/jobs/verification-email endpoint on the frontend, meaning I will have to expose my Admin Access token just to resend a confirmation email.

Is there anyway to do this, can I restrict my admin access token permissions?