Now, our services can have scoped identities and no longer require the root client token be passed to them.
Instead we will have to setup the services to initial called /v1/auth/kubernetes/login with a json body that consists of role and jwt
Role : name of role on vault
JWT : this is the service account token that is mounted to the pod
Upon successfully validation Vault returns a json body that describes your auth status that includes your scoped client token among other things.