fix ClientAuthMiddleware

Management/Security/ClientAuthMiddleware.cs

@@ -277,7 +277,11 @@ public sealed class ClientAuthMiddleware
             var validationParams = new TokenValidationParameters
             {
                 ValidateIssuer    = true,
-                ValidIssuers      = new[] { $"{instance.TrimEnd('/')}/{tenantId}/v2.0" },
+                ValidIssuers      = new[]
+                {
+                    $"https://login.microsoftonline.com/{tenantId}/v2.0",
+                    $"https://sts.windows.net/{tenantId}/"
+                },
                 ValidateAudience  = true,
                 ValidAudiences    = new[] { clientId, $"api://{clientId}" },
                 ValidateLifetime  = true,

Management/appsettings.json

@@ -48,7 +48,7 @@
    *   4. Create a client secret → copy value → set Graph__ClientSecret env var
    */
   "Graph": {
-    "TenantId": "0be4c23a-6941-4bdb-b397-a4faf88de4b3",
+    "TenantId": "f56a3c51-9b5c-4356-920f-b4dcf932a96b",
     "ClientId": "b0f29246-91e7-4615-96db-5de9b6f8da2e",
     "ClientSecret": ""
   }