Hello @David Broggy , by default an Azure AD member user can create groups and be assigned to them as owner which will allow them to add or remove users as required. They can also invite guest users through External Identities.
Now, in order to create users, you will need at least the User Administrator role which may be too powerful. Azure Privileged Identity Management can help you provide such role for a limited time only to a selected user pool.
The most permission tight approach here is to develop an application that consumes the MS Graph API and allows the user to create users and optionally to delete them but nothing else. Also, this will allow you to enrich such management flows with actions such as automatic user to group member addition.
Let us know if this answer was helpful to you or if you need additional assistance. If it was helpful, please remember to accept it and complete the quality survey so that others in the community with similar questions can more easily find a rated solution.