Follow on to CONSOLE-2748. The user's access token is currently hard-coded in the POC. We should handle OAuth challenges from each managed cluster. This likely requires having a separate cookie per cluster with the user's access token for that cluster. The backend will need to read the right session cookie value based on the cluster the API request is for.

This is related to CONSOLE-2767 which removes the hard-coded cluster list.