All of the platform's security is currently build around the rh-identity header. The scheduler will be running asynchronously so it will not have a "fresh" identity header when the jobs are kicked off.

The scheduler needs a way to verify that a user still exists and obtain a "fresh" identity header.

Add a method (similar to "/internal/certauth") to the gateway to do this work for us.