That's definitely an option, but not what I was specifically recommending. My suggestion is to:
- Create a workflow that takes in a set of auth data and uploads them to a shared database.
- Trigger this workflow as one of the final steps of your custom auth flow, passing your auth data as the body of the
POSTrequest.
Put together, this should effectively export your auth data and make it accessible without requiring a user to be logged in. 
Last but not least - given the fact that you're retrieving tenant IDs via a generic REST request - you should have access to the entire body of the response, which will presumably be an array.