Forum Discussion
[Bug] ExchangeOnlineManagement uses incorrect TenantId in requests
Hi, this is a strong bug report, and I would definitely avoid using the Harmony patch as a production workaround even though it is useful proof of where the problem is.
The safest short-term mitigation is probably to pin ExchangeOnlineManagement to the last version that did not pull in the affected MSAL behavior, if that works in your environment. I would also open or add to a GitHub/support issue with a minimal repro: module version, MSAL version, tenant type, connection method, command used, and the point where pagination fails.
For large enumerations, you may be able to reduce impact by filtering into smaller result sets, but that is only a workaround. If the module is sending the realm name where the API expects the tenant GUID, the durable fix needs to come from the module owners, either by using the tenant value from the token claims or by not trusting `AuthenticationResult.TenantId` in that path.
I would also open or add to a GitHub/support issue with a minimal repro: module version, MSAL version, tenant type, connection method, command used, and the point where pagination fails.
It looks like Microsoft fixed it in 3.10.1-Preview1