As the Keycloak integration goes on, we need a way to refresh the kogito-service system account from time to time (or at least check for it's validation) to guarantee the communication flow between services.

One approach could be integrate Keycloak with OpenShift OpenID. This way, the same token mounted with KOGITO-66 could be used to make authenticated calls between services.

If this is not possible, every time the Kogito Operator Controller performs a reconciliation, calls to the SSO API must be made to refresh the tokens mounted in a pre defined path for each service pod.