Your organization is migrating business-critical applications to Google Cloud across multiple projects. You have IAM permissions only at the organization level. You need to grant project access to support engineers from two partner organizations, allowing them to use their existing identity provider (IdP) credentials. What should you do?