diff --git a/go.mod b/go.mod
index 73804058c..62ecf6c67 100644
--- a/go.mod
+++ b/go.mod
@@ -78,4 +78,5 @@ require (
 google.golang.org/genproto v0.0.0-20230110181048-76db0878b65f // indirect
 google.golang.org/grpc v1.53.0 // indirect
 google.golang.org/protobuf v1.28.1 // indirect
-)
+ gopkg.in/ini.v1 v1.67.0 // indirect
+)
\ No newline at end of file
diff --git a/go.sum b/go.sum
index db7168b9d..a65d17bfc 100644
--- a/go.sum
+++ b/go.sum
@@ -705,6 +705,8 @@ gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntN
 gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q=
 gopkg.in/cheggaaa/pb.v1 v1.0.27/go.mod h1:V/YB90LKu/1FcN3WVnfiiE5oMCibMjukxqG/qStrOgw=
 gopkg.in/errgo.v2 v2.1.0/go.mod h1:hNsd1EY+bozCKY1Ytp96fpM3vjJbqLJn88ws8XvfDNI=
+gopkg.in/ini.v1 v1.67.0 h1:Dgnx+6+nfE+IfzjUEISNeydPJh9AXNNsWbGP9KzCsOA=
+gopkg.in/ini.v1 v1.67.0/go.mod h1:pNLf8WUiyNEtQjuu5G5vTm06TEv9tsIgeAvK8hOrP4k=
 gopkg.in/warnings.v0 v0.1.2 h1:wFXVbFY8DY5/xOe1ECiWdKCzZlxgshcYVNkBHstARME=
 gopkg.in/warnings.v0 v0.1.2/go.mod h1:jksf8JmL6Qr/oQM2OXTHunEvvTAsrWBLb6OOjuVWRNI=
 gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
@@ -723,4 +725,4 @@ honnef.co/go/tools v0.0.1-2020.1.3/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9
 honnef.co/go/tools v0.0.1-2020.1.4/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k=
 rsc.io/binaryregexp v0.2.0/go.mod h1:qTv7/COck+e2FymRvadv62gMdZztPaShugOCi3I+8D8=
 rsc.io/quote/v3 v3.1.0/go.mod h1:yEA65RcK8LyAZtP9Kv3t0HmxON59tX3rD+tICJqUlj0=
-rsc.io/sampler v1.3.0/go.mod h1:T1hPZKmBbMNahiBKFy5HrXp6adAjACjK9JXDnKaTXpA=
+rsc.io/sampler v1.3.0/go.mod h1:T1hPZKmBbMNahiBKFy5HrXp6adAjACjK9JXDnKaTXpA=
\ No newline at end of file
diff --git a/internal/clients/builder.go b/internal/clients/builder.go
index 07b81f064..f2442723b 100644
--- a/internal/clients/builder.go
+++ b/internal/clients/builder.go
@@ -6,6 +6,8 @@ package clients
 import (
 "context"
 "fmt"
+ "github.com/mitchellh/go-homedir"
+ "gopkg.in/ini.v1"
 
 "github.com/Azure/go-autorest/autorest"
 "github.com/hashicorp/go-azure-helpers/authentication"
@@ -23,12 +25,38 @@ type ClientBuilder struct {
 Features features.UserFeatures
 }
 
+// GetResourceIDFromCloudsConfig attempts to read the endpoint_active_directory_resource_id from clouds.config
+func GetResourceIDFromCloudsConfig() (string, error) {
+ cloudsConfigPath, err := homedir.Expand("~/.azure/clouds.config")
+ if err != nil {
+ return "", fmt.Errorf("expanding clouds.config path: %v", err)
+ }
+
+ cloudsConfig, err := ini.Load(cloudsConfigPath)
+ if err != nil {
+ return "", nil // ignore errors if file doesn't exist
+ }
+
+ for _, section := range cloudsConfig.Sections() {
+ if section.HasKey("endpoint_active_directory_resource_id") {
+ return section.Key("endpoint_active_directory_resource_id").String(), nil
+ }
+ }
+
+ return "", nil
+}
+
 func Build(ctx context.Context, builder ClientBuilder) (*Client, error) {
 env, err := authentication.AzureEnvironmentByNameFromEndpoint(ctx, builder.AuthConfig.MetadataHost, builder.AuthConfig.Environment)
 if err != nil {
 return nil, fmt.Errorf("determining environment: %v", err)
 }
 
+ // Try to get TokenAudience from clouds.config
+ if resourceID, err := GetResourceIDFromCloudsConfig(); err == nil && resourceID != "" {
+ env.TokenAudience = resourceID
+ }
+
 // client declarations:
 account, err := NewResourceManagerAccount(ctx, *builder.AuthConfig, *env, builder.SkipProviderRegistration)
 if err != nil {
@@ -66,7 +94,7 @@ func Build(ctx context.Context, builder ClientBuilder) (*Client, error) {
 }
 
 // Storage Endpoints
- storageAuth, err := builder.AuthConfig.GetADALToken(ctx, sender, oauthConfig, endpoint)
+ storageAuth, err := builder.AuthConfig.GetADALToken(ctx, sender, oauthConfig, env.TokenAudience)
 if err != nil {
 return nil, fmt.Errorf("unable to get authorization token for storage endpoints: %+v", err)
 }
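Review bot: The two added imports are third-party packages but sit inside the standard-library group, above the blank line that separates it from the `github.com/...` group; they belong below it, in the order `goimports` would produce. The go.mod hunk in this commit also records `gopkg.in/ini.v1 v1.67.0 // indirect` although this file now imports it directly, so `go mod tidy` should be run so the requirement is listed as a direct dependency. No go.mod change for `github.com/mitchellh/go-homedir` is visible here; presumably it is already required, but that is worth confirming.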
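Review bot: `GetResourceIDFromCloudsConfig` returns the `endpoint_active_directory_resource_id` of the first section of `~/.azure/clouds.config` that has the key, and `Build` then overwrites `env.TokenAudience` with it unconditionally, so a leftover registration for a different cloud in that file silently changes the audience of the tokens this provider requests. The lookup should be limited to the section for the cloud actually being targeted (how section names map to `builder.AuthConfig.Environment` is not visible in this hunk), and the override should be logged so it can be seen in a debug trace. The `ini.Load` branch also discards every error, not only a missing file as its comment says; `if !os.IsNotExist(err) { return "", fmt.Errorf("loading %s: %w", cloudsConfigPath, err) }` ahead of the `return "", nil` would surface an unreadable or malformed file. `Build` continues outside the hunk.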
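Review bot: The storage authorizer is now requested for `env.TokenAudience` instead of `endpoint`, so, assuming `endpoint` named the storage resource (it is defined outside this hunk), the storage data plane is handed a token whose audience is the management API or whatever clouds.config supplied. The same substitution is made inside `TokenFunc` in the `@@ -89,7 +117,7 @@` hunk, where the `endpoint` argument ends up used only in the error message, so every caller receives the same audience regardless of the resource it asked for. Per-resource audiences are what stop a token issued for one service from being accepted by another; if the goal is only to correct the management audience for a custom cloud, both calls should keep `builder.AuthConfig.GetADALToken(ctx, sender, oauthConfig, endpoint)` and the override should be applied only where the management authorizer is built.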
@@ -89,7 +117,7 @@ func Build(ctx context.Context, builder ClientBuilder) (*Client, error) {
 CustomCorrelationRequestID: builder.CustomCorrelationRequestID,
 Environment: *env,
 TokenFunc: func(endpoint string) (autorest.Authorizer, error) {
- authorizer, err := builder.AuthConfig.GetADALToken(ctx, sender, oauthConfig, endpoint)
+ authorizer, err := builder.AuthConfig.GetADALToken(ctx, sender, oauthConfig, env.TokenAudience)
 if err != nil {
 return nil, fmt.Errorf("getting authorization token for endpoint %s: %+v", endpoint, err)
 }
@@ -107,4 +135,4 @@ func Build(ctx context.Context, builder ClientBuilder) (*Client, error) {
 }*/
 
 return &client, nil
-}
+}
\ No newline at end of file
diff --git a/vendor/modules.txt b/vendor/modules.txt
index 4b0e53637..854cb1003 100644
--- a/vendor/modules.txt
+++ b/vendor/modules.txt
@@ -440,3 +440,6 @@ google.golang.org/protobuf/types/known/anypb
 google.golang.org/protobuf/types/known/durationpb
 google.golang.org/protobuf/types/known/emptypb
 google.golang.org/protobuf/types/known/timestamppb
+# gopkg.in/ini.v1 v1.67.0
+## explicit
+gopkg.in/ini.v1
\ No newline at end of file