How can I achieve being able to run cryptdisks_start as normal user?

I have looked at how to be able to imbue in a crypttab stanza (referring to a LUKS device) to allow _a specific_ user or _any unprivileged_ user to map it. Roughly, I am looking for the equivalent of user in the mount options in /etc/fstab when mapping the LUKS device (i.e. before mounting it). The only (half way sensible) approach I have come up so far was to let my unprivileged user run a wrapper script which runs cryptdisks_start usint its absolute path as root without password, but with the name hardcoded in it. Obviously the script permissions make it impossible for the unprivileged user to tamper with it. Is there a more straightforward solution, perhaps akin to user in fstab? This is on Ubuntu 20.04 and so perhaps systemd offers some way to achieve this? After all there is a unit such as systemd-cryptsetup@.service being auto-generated by it, based on the entry in crypttab. As a side note: I am aware of pam_exec, but I am currently in the process of pondering which one works better for me. Either way it appears that there is no way to run it without superuser privileges.