diff --git a/internal/identity/microsoft.go b/internal/identity/microsoft.go
index 5e57812e4..e67b4d4a9 100644
--- a/internal/identity/microsoft.go
+++ b/internal/identity/microsoft.go
@@ -140,7 +140,7 @@ func (p *AzureProvider) Revoke(token string) error {
 
 // GetSignInURL returns the sign in url with typical oauth parameters
 func (p *AzureProvider) GetSignInURL(state string) string {
-	return p.oauth.AuthCodeURL(state, oauth2.AccessTypeOffline, oauth2.ApprovalForce)
+	return p.oauth.AuthCodeURL(state, oauth2.AccessTypeOffline, oauth2.SetAuthURLParam("prompt", "select_account"))
 }
 
 // Refresh renews a user's session using an oid refresh token without reprompting the user.