Boom, that did it, although I had to switch to getTokenWithPopup (although I believe Silently will work off localhost).
I appreciate your patience.
If you see the other thread I linked to up top, the whole point of this is:
Login to my app - and then get my sub value to use with the management API to make calls for the logged in user. In the other thread, it was suggested it would be more secure to get the token as well and verify that as well.