See: Azure/azure-sdk-for-python#35337

When connecting to Eventhub to read data from consumer group authentication fails when using AD/Entra Authentication is used, and RBAC permissions assigned to consumer group per design for Event hub and following least access principle and avoid risk consuming application read from wrong consumer group causing problems for other consumers.
Ref: https://learn.microsoft.com/en-us/azure/event-hubs/authorize-access-azure-active-directory.
Error message: "Unauthorized access. 'Listen' claim(s) are required to perform this operation"

Fix: URI/audience passed in to the put token when authenticating the consumer should include consumer group. i.e. It should look like
"sb://.servicebus.windows.net/eventhubs//consumergroups/"
and not "sb://.servicebus.windows.net/".