[Bug] In web api scenario, use the `tid` claim of the incoming assertion

[bgavrilMS]

Which version of Microsoft Identity Web are you using?
Note that to get help, you need to run the latest version.

Where is the issue?

• Web app
  • Sign-in users
  • Sign-in users and call web APIs
• Web API
  • Protected web APIs (validating tokens)
  • Protected web APIs (validating scopes)
  • Protected web APIs call downstream web APIs
• Token cache serialization
  • In-memory caches
  • Session caches
  • Distributed caches
• Other (please describe)

In a multi-tenanted web api, IdWeb should acquire the OBO token using a tenanted authority, where the tenant is the tid claim of the incoming assertion (i.e. it should not use common)

[jmprieur]

Proposed design:

add an else condition taking the user.GetTenantId()

microsoft-identity-web/src/Microsoft.Identity.Web/TokenAcquisition.cs

Lines 855 to 859 in bb2d213

	if (!string.IsNullOrEmpty(tenantId))
	{
	builder.WithTenantId(tenantId);
	}

[jennyf19]

Included in 1.25.0 release