diff --git a/src/Microsoft.Identity.Web/MergedOptions.cs b/src/Microsoft.Identity.Web/MergedOptions.cs
index b9d270aa7..781ae856e 100644
--- a/src/Microsoft.Identity.Web/MergedOptions.cs
+++ b/src/Microsoft.Identity.Web/MergedOptions.cs
@@ -44,6 +44,7 @@ public ConfidentialClientApplicationOptions ConfidentialClientApplicationOptions
 public LogLevel LogLevel { get; set; }
 public string? RedirectUri { get; set; }
 public bool EnableCacheSynchronization { get; set; }
+ internal bool MergedWithCca { get; set; }
 internal static void UpdateMergedOptionsFromMicrosoftIdentityOptions(MicrosoftIdentityOptions microsoftIdentityOptions, MergedOptions mergedOptions)
 {
@@ -254,6 +255,7 @@ internal static void UpdateMergedOptionsFromMicrosoftIdentityOptions(MicrosoftId
 internal static void UpdateMergedOptionsFromConfidentialClientApplicationOptions(ConfidentialClientApplicationOptions confidentialClientApplicationOptions, MergedOptions mergedOptions)
 {
+ mergedOptions.MergedWithCca = true;
 mergedOptions.AadAuthorityAudience = confidentialClientApplicationOptions.AadAuthorityAudience;
 mergedOptions.AzureCloudInstance = confidentialClientApplicationOptions.AzureCloudInstance;
 if (string.IsNullOrEmpty(mergedOptions.AzureRegion) && !string.IsNullOrEmpty(confidentialClientApplicationOptions.AzureRegion))
diff --git a/src/Microsoft.Identity.Web/TokenAcquisition.cs b/src/Microsoft.Identity.Web/TokenAcquisition.cs
index 89f7f0de3..5d6612696 100644
--- a/src/Microsoft.Identity.Web/TokenAcquisition.cs
+++ b/src/Microsoft.Identity.Web/TokenAcquisition.cs
@@ -82,7 +82,14 @@ public TokenAcquisition(
 internal MergedOptions GetOptions(string authenticationScheme)
 {
- return _mergedOptionsMonitor.Get(authenticationScheme);
+ var mergedOptions = _mergedOptionsMonitor.Get(authenticationScheme);
+ if (!mergedOptions.MergedWithCca)
+ {
+ var ccaOptionsMonitor = _serviceProvider.GetService>();
+ ccaOptionsMonitor?.Get(authenticationScheme);
+ }
+
+ return mergedOptions;
 }
 /// 
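Review bot: The new `MergedWithCca` property in MergedOptions.cs has no comment saying what sets it or what reads it, and the name alone does not tell a maintainer that it gates a merge. I would add above it `// True once UpdateMergedOptionsFromConfidentialClientApplicationOptions has run for this instance; TokenAcquisition.GetOptions reads it to decide whether to trigger that merge.` Nothing in the visible hunks resets the flag, so the comment should also state whether it is expected to stay true for the lifetime of the instance.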
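Review bot: `mergedOptions.MergedWithCca = true;` is the first statement of UpdateMergedOptionsFromConfidentialClientApplicationOptions, so the flag already reads true before any of the assignments below it have run. If the same MergedOptions instance can be read on another thread (likely for an options object held by a monitor, though that is not visible here), GetOptions could skip its merge trigger and hand back an instance whose authority-related fields such as `AadAuthorityAudience` and `AzureCloudInstance` are not yet copied. An exception part-way through the method would leave the same half-merged state marked as done. Moving the assignment to the last line of the method avoids both; the method body continues past this hunk.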
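Review bot: In GetOptions, `ccaOptionsMonitor?.Get(authenticationScheme);` discards its result and, because it is resolved with `GetService` and guarded by `?.`, does nothing at all when the monitor is not registered, so the method can return a MergedOptions that was never merged without leaving any trace. Presumably the call is there for a configure-time side effect that updates `mergedOptions`; that wiring is not in this diff and deserves a comment such as `// Resolving the options runs the configuration that merges them into mergedOptions; the return value is not needed.` A debug-level log when `ccaOptionsMonitor` is null, or when `MergedWithCca` is still false after the call, would make a misregistered scheme diagnosable before the token request fails on missing client settings. The generic argument of `GetService` appears to have been lost in this rendering of the diff, so the exact options type should be confirmed against the file.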
@@ -363,13 +370,14 @@ public Task GetAuthenticationResultForAppAsync( } authenticationScheme = GetEffectiveAuthenticationScheme(authenticationScheme); + MergedOptions mergedOptions = GetOptions(authenticationScheme); // Case of an anonymous controller, no [Authorize] attribute will trigger the merge options if (string.IsNullOrEmpty(mergedOptions.Instance)) { - var mergedOptionsMonitor = _serviceProvider.GetRequiredService>(); - mergedOptionsMonitor.Get(JwtBearerDefaults.AuthenticationScheme); + var mergedOptionsMonitor = _serviceProvider.GetService>(); + mergedOptionsMonitor?.Get(JwtBearerDefaults.AuthenticationScheme); } if (string.IsNullOrEmpty(tenant))
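Review bot: Replacing `GetRequiredService` with `GetService` and `mergedOptionsMonitor?.Get(...)` turns a missing registration from an immediate exception into a silent no-op, and `mergedOptions.Instance` is not checked again afterwards, so GetAuthenticationResultForAppAsync carries on with an empty instance and the failure surfaces later and less clearly. The trigger also still passes `JwtBearerDefaults.AuthenticationScheme` rather than the `authenticationScheme` resolved a few lines above, which, as far as this hunk shows, would not trigger the merge for an API registered under a different scheme name. I would pass `authenticationScheme` to `Get` and re-test `string.IsNullOrEmpty(mergedOptions.Instance)` after the call, failing with a message that names the scheme. The method starts and ends outside this hunk.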