Document service user creation steps

[tlater-famedly]

This is pretty non-trivial, as there are specific roles that need to be assigned, and the scope should be limited to prevent potentially destructive operations from going beyond where they should (see #103). Currently we just test with a service user with way too many powers, so we've never considered this flow before (tests are ideally also added for any documentation we write).

Steps from @chrismafam:

Sure: To create the service user file, go to the organisation in zitadel in which you want to sync into. Go to "Users" and then to the "Service User" Tab. Create your user. To download the service-user file, you have to go to the tab "Keys" and create a new key, which you can then download. To make sure that the service user is authorized to manage users, move back to the "Organsation" Tab and (on the very top right) add a "Manager" to the organisation. Now give the Service User at least "Org User Manager" rights.

We should put this somewhere, and add some screenshots to help guide users/infra.

We could also write a script for this, but that is probably overkill.

[chrismafam]

Here are screenshots for the steps explained above: