You seem to be on the right track. The Add Account script step is indeed IWP compatible for creating a new user; re-login is also IWP compatible but cannot perform the re-login without a dialog (the user will be prompted to log in again manually).
As far as using "run with full access privileges" on your account creation script, there is a FileMaker article on that: http://help.filemaker.com/app/answers/detail/a_id/318/~/a-script-run-with-full-access-privileges-could-give-a-restricted-user
You definitely want to do thorough testing of your solution to make sure it can't be abused. But it does allow you the ability to run the account creation/re-login script you outline above.
As far as trying to create two accounts at the same time, there will never be a collision as FileMaker is transaction-based (meaning the second user would queue after the first user's request, regardless of hitting it at the same time). What you do want to watch out for is trapping the error for the second user:
I believe error #12 "Name already exists" is what you want to trap for.