From 110de007569624639a263b76f545985498a5445c Mon Sep 17 00:00:00 2001
From: Neha Bhargava <61847233+neha-bhargava@users.noreply.github.com>
Date: Thu, 28 Aug 2025 16:02:20 -0700
Subject: [PATCH] Remove passing x-client-os as query param in authorization
 uri

---
 .../Requests/Interactive/AuthCodeRequestComponent.cs      | 8 ++++----
 .../PublicApiTests/ConfidentialClientApplicationTests.cs  | 6 +++++-
 2 files changed, 9 insertions(+), 5 deletions(-)

diff --git a/src/client/Microsoft.Identity.Client/Internal/Requests/Interactive/AuthCodeRequestComponent.cs b/src/client/Microsoft.Identity.Client/Internal/Requests/Interactive/AuthCodeRequestComponent.cs
index b2fb4bbd3e..20e177229c 100644
--- a/src/client/Microsoft.Identity.Client/Internal/Requests/Interactive/AuthCodeRequestComponent.cs
+++ b/src/client/Microsoft.Identity.Client/Internal/Requests/Interactive/AuthCodeRequestComponent.cs
@@ -214,10 +214,10 @@ private Dictionary<string, string> CreateAuthorizationRequestParameters(Uri redi
                     _requestParams.RequestContext.CorrelationId.ToString();
             }
 
-            foreach (KeyValuePair<string, string> kvp in MsalIdHelper.GetMsalIdParameters(_requestParams.RequestContext.Logger))
-            {
-                authorizationRequestParameters[kvp.Key] = kvp.Value;
-            }
+            MsalIdHelper.GetMsalIdParameters(_requestParams.RequestContext.Logger)
+                .Where(kvp => kvp.Key != MsalIdParameter.OS)
+                .ToList()
+                .ForEach(kvp => authorizationRequestParameters[kvp.Key] = kvp.Value);
 
             if (_interactiveParameters.Prompt == Prompt.NotSpecified)
             {
diff --git a/tests/Microsoft.Identity.Test.Unit/PublicApiTests/ConfidentialClientApplicationTests.cs b/tests/Microsoft.Identity.Test.Unit/PublicApiTests/ConfidentialClientApplicationTests.cs
index 3a91b05b29..8ccf3568df 100644
--- a/tests/Microsoft.Identity.Test.Unit/PublicApiTests/ConfidentialClientApplicationTests.cs
+++ b/tests/Microsoft.Identity.Test.Unit/PublicApiTests/ConfidentialClientApplicationTests.cs
@@ -991,6 +991,8 @@ public async Task GetAuthorizationRequestUrl_IgnoreLoginHint_UseCcsRoutingHint_T
                     .ConfigureAwait(false);
 
                 AssertCcsHint(uri, "oid:oid@tid");
+                Dictionary<string, string> qp = CoreHelpers.ParseKeyValueList(uri.Query.Substring(1), '&', true, null);
+                ValidateCommonQueryParams(qp);
             }
         }
 
@@ -1025,6 +1027,8 @@ public async Task GetAuthorizationRequestUrl_WithLoginHint_UseLoginHintForCcsRou
                     .ConfigureAwait(false);
 
                 AssertCcsHint(uri, $"upn:{TestConstants.DisplayableId}");
+                Dictionary<string, string> qp = CoreHelpers.ParseKeyValueList(uri.Query.Substring(1), '&', true, null);
+                ValidateCommonQueryParams(qp);
             }
         }
 
@@ -1347,7 +1351,7 @@ private static void ValidateCommonQueryParams(
             Assert.AreEqual(Prompt.SelectAccount.PromptValue, qp["prompt"]);
             Assert.AreEqual(TestCommon.CreateDefaultServiceBundle().PlatformProxy.GetProductName(), qp["x-client-sku"]);
             Assert.IsFalse(string.IsNullOrEmpty(qp["x-client-ver"]));
-            Assert.IsFalse(string.IsNullOrEmpty(qp["x-client-os"]));
+            Assert.IsFalse(qp.ContainsKey("x-client-os"));
         }
 
         [TestMethod]