Cross-Tenant Token Leakage in Azure Automation
Original Post:
We discussed this vulnerability during Episode 127 on 14 March 2022
Azure Automation would run an internal service serving JWTs that could be accessed across tenant boundaries.
Each time a tenant's automation script started, an orchestrator service was also started for it, listening on a random high port. This service could be used to request a JWT for that tenant. The problem was that, with no additional authentication layer in front of it, any tenant could send requests to these services and obtain another tenant's JWT.
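As an added illustration (not Azure's code; the page gives no implementation details), the weak pattern described above is shown beside a hardened one in which the orchestrator is bound to the tenant of the job that started it and requires a per-job secret on every request. All names, the token format and the key are constructed for this example.

```python
import base64
import hashlib
import hmac
import json
import secrets

def _b64(data: bytes) -> bytes:
    return base64.urlsafe_b64encode(data).rstrip(b"=")

def mint_token(tenant_id: str, signing_key: bytes) -> str:
    """Constructed stand-in for a JWT: header.payload.HMAC-SHA256, base64url."""
    header = _b64(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    payload = _b64(json.dumps({"tid": tenant_id}).encode())
    sig = hmac.new(signing_key, header + b"." + payload, hashlib.sha256).digest()
    return (header + b"." + payload + b"." + _b64(sig)).decode()

class WeakOrchestrator:
    """Weak form: whoever reaches the port can ask for any tenant's token."""
    def __init__(self, signing_key: bytes):
        self.signing_key = signing_key
    def handle(self, request: dict) -> dict:
        return {"status": 200, "token": mint_token(request["tenant_id"], self.signing_key)}

class HardenedOrchestrator:
    """Hardened form: bound to one job's tenant at start-up, and every request
    must present a per-job secret that only that job's process receives."""
    def __init__(self, signing_key: bytes, job_tenant_id: str):
        self.signing_key = signing_key
        self.job_tenant_id = job_tenant_id
        self.job_secret = secrets.token_hex(32)  # delivered to the job only
    def handle(self, request: dict) -> dict:
        presented = str(request.get("job_secret", ""))
        if not hmac.compare_digest(presented.encode(), self.job_secret.encode()):
            return {"status": 401, "error": "missing or invalid job secret"}
        # Even an authenticated job may only obtain its own tenant's token.
        if request.get("tenant_id") != self.job_tenant_id:
            return {"status": 403, "error": "tenant mismatch"}
        return {"status": 200, "token": mint_token(self.job_tenant_id, self.signing_key)}

def demo() -> dict:
    key = b"constructed-signing-key"  # constructed for the example only
    weak = WeakOrchestrator(key)
    hard = HardenedOrchestrator(key, job_tenant_id="tenant-A")
    other = {"tenant_id": "tenant-B"}  # a request for some other tenant's token
    return {
        "weak": weak.handle(other)["status"],
        "hard_no_secret": hard.handle(other)["status"],
        "hard_wrong_tenant": hard.handle({**other, "job_secret": hard.job_secret})["status"],
        "hard_own_tenant": hard.handle({"tenant_id": "tenant-A", "job_secret": hard.job_secret})["status"],
    }
```

The per-job secret removes the "anyone who can reach the port" problem, and the tenant binding means that even a leaked secret cannot be turned into another tenant's token.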