Great explanation, and you're absolutely correct that I don't/shouldn't want to persist the access token in the web api. With your help and a lot of grinding I believe I have this figured out. One of the biggest hurdles was my misconception of how multi-tenancy works in FusionAuth. I thought that one application could be shared across multiple tenants but they cannot. Not a big deal because applications can be easily created with your APIs. Just as a suggestion, maybe the FusionAuth documentation could make this a little more clear for others who are exploring your offering.
Thanks for your great support!