
[Bug] IPublicClientApplication.AcquireTokenInteractive.WithTenantIdFromAuthority and IPublicClientApplication.AcquireTokenInteractive.WithTenantId does nothing when using organizations or consumers for tenant #4950

Closed
ThaDaVos opened this issue Oct 3, 2024 · 3 comments
Labels
public-client untriaged Do not delete. Needed for Automation

Comments

@ThaDaVos

ThaDaVos commented Oct 3, 2024

Library version used

4.65.0

.NET version

9.0.100-rc.1.24452.12

Scenario

PublicClient - desktop app

Is this a new or an existing app?

This is a new app or experiment

Issue description and reproduction steps

I am using the code in Relevant code snippets to change the tenant/account type when trying to get a token interactively:

But the selector keeps showing Work/School and personal account options no matter what I supply - if instead I use PublicClientApplicationBuilder.WithAuthority and only then, the selector changes its options - for example when setting to https://login.microsoftonline.com/consumers/ it only allows Personal Accounts to log in

Relevant code snippets

// Map the requested account filter to one of the special tenant segments.
string tenantId = filterAccountType switch
{
    MicrosoftAccountType.Personal => "consumers",
    MicrosoftAccountType.Business => "organizations",
    _ => "common"
};

Log($"Authenticating {email} interactively with {tenantId} tenant");

// Try to override the tenant per request instead of per PublicClientApplication.
return await app!.AcquireTokenInteractive(scopes)
    // .WithLoginHint(email)
    .WithTenantIdFromAuthority(
        new Uri($"https://login.microsoftonline.com/{tenantId}/")
    )
    .ExecuteAsync();

Expected behavior

I expected it to work the same as when using PublicClientApplicationBuilder.WithAuthority - or at least be noted somewhere it does nothing.

As to why I need this, I need it to constrict what accounts can be used - and preferably I want to prevent creating 3+ IPublicClientApplication instances just for each case...

Identity provider

Microsoft Entra ID (Work and School accounts and Personal Microsoft accounts)

Regression

No response

Solution and workarounds

Like mentioned before, my application only needs a filter/non-filter option, so this will ensue creating 3 instances of IPublicClientApplication - one for consumers, one for organizations and one for common when no filter is to be applied.

@ThaDaVos ThaDaVos added needs attention Delete label after triage untriaged Do not delete. Needed for Automation labels Oct 3, 2024
@bgavrilMS bgavrilMS added untriaged Do not delete. Needed for Automation and removed untriaged Do not delete. Needed for Automation needs attention Delete label after triage labels Oct 3, 2024
@bgavrilMS
Member

By design. The goal is that the PCA points at common or organizations and the request makes it specific to a tenant. This avoids having to re-create the PCA object.

What is the scenario where the PCA points to a tenant (i.e. single tenant app, or support for guest users) and then you want to make the request behave in a multi-tenant way?

In any case, there is a workaround - just re-create PCA object.

@bgavrilMS bgavrilMS closed this as not planned Won't fix, can't repro, duplicate, stale Oct 9, 2024
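The workaround suggested above (one PublicClientApplication per audience rather than a per-request tenant override), written out as an added example that is not part of the issue or of MSAL.NET itself. It assumes the issue author's MicrosoftAccountType enum, a desktop app using the system browser with the http://localhost redirect URI, and an application-wide client id.

```csharp
using System;
using System.Collections.Concurrent;
using System.Threading.Tasks;
using Microsoft.Identity.Client;

// Assumed: the enum used in the issue's code snippet.
public enum MicrosoftAccountType { Any, Personal, Business }

public sealed class TenantScopedClients
{
    private readonly string _clientId;
    private readonly ConcurrentDictionary<string, IPublicClientApplication> _apps = new();

    public TenantScopedClients(string clientId) => _clientId = clientId;

    // Fixed allow-list: the authority is derived from an enum, never from caller input,
    // so no code path can steer the sign-in to an arbitrary tenant or host.
    private static string TenantSegment(MicrosoftAccountType filter) => filter switch
    {
        MicrosoftAccountType.Personal => "consumers",
        MicrosoftAccountType.Business => "organizations",
        _ => "common",
    };

    // One PCA per audience, created lazily and reused. The audience set on the builder
    // is what restricts the account picker; WithTenantIdFromAuthority on the request
    // can only narrow a PCA that already points at common/organizations, not widen it.
    private IPublicClientApplication ClientFor(MicrosoftAccountType filter) =>
        _apps.GetOrAdd(TenantSegment(filter), segment =>
            PublicClientApplicationBuilder.Create(_clientId)
                .WithAuthority($"https://login.microsoftonline.com/{segment}/")
                .WithRedirectUri("http://localhost") // assumed desktop/system-browser setup
                .Build());

    public Task<AuthenticationResult> AcquireAsync(
        MicrosoftAccountType filter, string[] scopes, string? loginHint = null)
    {
        var request = ClientFor(filter).AcquireTokenInteractive(scopes);
        if (!string.IsNullOrEmpty(loginHint))
            request = request.WithLoginHint(loginHint);
        return request.ExecuteAsync();
    }
}
```

Each instance keeps its own in-memory token cache, so an account signed in through the "consumers" client is not visible to the "organizations" one; register a shared cache serializer on each builder if silent reuse across them is needed.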
@ThaDaVos
Author

ThaDaVos commented Oct 9, 2024

I thought common, customers and organizations were considered special tenants so I thought that would work too.

As to why - cause I want to create the PCA once, but limit the login to Personal accounts or Work/School accounts depending on what mailserver is used - as my library is simply a login helper for a Clarion application to get an XOAUTH2 token for SMTP authentication - based on the given SMTP server I want to limit the login to Personal or Work/School - just to dumb-proof the system a little and in cases where someone (like myself) has a Personal and Work account with the same email, both logged into their PC, prevent the wrong one from being authenticated.

@ThaDaVos
Author

Can the issue please be re-opened? It's still not solved...
