diff --git a/src/BCards.Web/Program.cs b/src/BCards.Web/Program.cs
index fdb397a..a7e6c33 100644
--- a/src/BCards.Web/Program.cs
+++ b/src/BCards.Web/Program.cs
@@ -84,20 +84,24 @@ builder.Services.AddAuthentication(options =>
     options.AuthorizationEndpoint = "https://login.microsoftonline.com/common/oauth2/v2.0/authorize";
     options.TokenEndpoint = "https://login.microsoftonline.com/common/oauth2/v2.0/token";
 
-    if (!builder.Environment.IsDevelopment())
-    {
-        options.Events.OnRedirectToAuthorizationEndpoint = context =>
-        {
-            context.RedirectUri = context.RedirectUri.Replace("http://", "https://");
-            return Task.CompletedTask;
-        };
-    }
-
     options.Events = new OAuthEvents
     {
         OnRedirectToAuthorizationEndpoint = context =>
         {
-            context.Response.Redirect(context.RedirectUri + "&prompt=login");
+            // 1. Força HTTPS em produção
+            if (!builder.Environment.IsDevelopment())
+            {
+                context.RedirectUri = context.RedirectUri.Replace("http://", "https://");
+            }
+
+            // 2. Adiciona prompt=login para forçar seleção de conta
+            var redirectUri = context.RedirectUri;
+            if (!redirectUri.Contains("prompt="))
+            {
+                redirectUri += "&prompt=login";
+            }
+
+            context.Response.Redirect(redirectUri);
             return Task.CompletedTask;
         }
     };