I am writing code for an Azure function app that query Kusto using the REST API. The function app uses an appID which has access to various clusters in the tenant. To use the API, you of course need a bearer token, which works. A simple query to the database in the cluster produces a table result as it should, so authorization is not the obstacle.
The problem is the KQL query uses "let" statements that access separate clusters before joining/comparing the tables created. This approach has been tested and works in Azure Data Explorer. But from Azure, it seems I can only obtain a token for one host/resource at a time. So, while the first part of the query works, the part that queries a separate cluster fails because the token is invalid for the rest of the clusters I am joining.
Is there a way to get a token that has multiple audiences so that I can use one query from my function app? All research I have found does not indicate a way to do that with OAUTH2 / JWTs.
Thanks in advance!