Token-based admin REST API vs Service Account


I am currently using Keycloak in a Java application. Is there a security risk to using a Service Account for all of our Keycloak interactions?

An example of how it would work:

Let’s consider an Administrator account, without any realm-management roles.

The Administrator enters the application and wants to delete a user. Instead of verifying his realm-management roles from his token, we just check that he has the Administrator role and then proceed to delete the user using the Service Account (which has realm-management access).

As long as I verify the user’s role beforehand, is it safe to use the Service Account for all realm management operations?
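The flow described in the question, as an added example that is not part of the original post: the caller's Administrator realm role is checked server-side before the service account acts, and the requesting user is recorded because the admin call itself is made as the service account. `ServiceAccountGate`, `RealmAdmin` and `Caller` are hypothetical names, the token claims are assumed to be already signature-, issuer- and expiry-checked, and the sample users are constructed.

```java
import java.util.*;

/** Added example: authorization gate in front of a service-account-backed admin call. */
public class ServiceAccountGate {

    /** Hypothetical wrapper around the Keycloak admin call made with the service account's token. */
    interface RealmAdmin { void deleteUser(String userId); }

    /** Claims of the caller's access token (assumption: already verified by the resource server). */
    record Caller(String subject, Map<String, Object> claims) {
        boolean hasRealmRole(String role) {
            // Keycloak's default mappers place realm roles under realm_access.roles.
            if (!(claims.get("realm_access") instanceof Map<?, ?> access)) return false;
            return access.get("roles") instanceof Collection<?> roles && roles.contains(role);
        }
    }

    private final RealmAdmin admin;
    private final List<String> audit = new ArrayList<>();

    ServiceAccountGate(RealmAdmin admin) { this.admin = admin; }

    /** The only path to the service account: check the role first, fail closed, record who asked. */
    void deleteUser(Caller caller, String targetUserId) {
        if (!caller.hasRealmRole("Administrator")) {
            audit.add("DENY delete " + targetUserId + " by " + caller.subject());
            throw new SecurityException("Administrator role required");
        }
        admin.deleteUser(targetUserId);
        // Only this layer knows which user asked, so the attribution is kept here.
        audit.add("ALLOW delete " + targetUserId + " by " + caller.subject());
    }

    public static void main(String[] args) {
        Set<String> users = new HashSet<>(Set.of("u-100", "u-200")); // constructed sample data
        ServiceAccountGate gate = new ServiceAccountGate(users::remove);
        Caller admin = new Caller("alice", Map.of("realm_access", Map.of("roles", List.of("Administrator"))));
        Caller plain = new Caller("bob", Map.of("realm_access", Map.of("roles", List.of("offline_access"))));
        gate.deleteUser(admin, "u-100");                 // allowed: role present
        try {
            gate.deleteUser(plain, "u-200");             // denied: role missing
        } catch (SecurityException e) {
            System.out.println("denied: " + e.getMessage());
        }
        System.out.println(users + " " + gate.audit);
    }
}
```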