We would like to secure a group of API proxies (bundled into an API product) with access tokens generated by Apigee. The access tokens will be retrieved by a custom service on behalf of end users from a token generation proxy in Apigee. The token generation proxy will exchange the user's Firebase ID token for an access token. 

In order for our custom service to retrieve access tokens for our API product, I believe we'd need to register the custom service as a developer app within our API product. Is there a best practice around creating these types of admin apps that aren't necessarily associated with a developer?