post https://staging.uniti.thread.one/api/users:discoverServiceAccounts
For all the Keycloak clients, find those which have service accounts defined and add the SpiceDB permissions to the service account users to grant devices the needed access to APIs.
No attempt is made to distinguish Keycloak clients for different tenants. All discovered service account users are granted full access to the APIs.
The response contains a list of all clients with service accounts and includes the clientID and the userID so that the caller can verify the result. Note that the response includes all service accounts, not just newly discovered ones.