We have a multi-tenant web application and are busy implementing SSO (OpenID with Azure) and are considering a possible security issue.
In our application, it is poss
