see Stefans Response to your previous thread here:
The bootstrapuser is just for retrieving the service user for each tenant. I think I made this clear now multiple times. You should not use that in any other API Call of your microservice (even when it is working). The service user permissions are defined in your manifest file.
What is missing from your perspective? For what purpose do you want to expose the service user credentials outside of the microservice context? Of course you can do that but security-wise it is still a high risk because the service user has all the rights which are defined in the microservice manifest…
When we provide a value to the required interval field, a availability fragment is created for that specific M.O. Now when we are trying to send update the fragment it is not working because of that “header” in SDK. So, if we get the user credentials, we can do a rest API call and send an empty put call which will make sure that the request is coming from a device as you suggested in different post.
We have implemented what you said and it worked in local but after deployment we are getting errors. It is not able to pull the image and the service is unhealthy. Could you please help how we can resolve this issue? If any extra roles required for this "context service*.