diff --git a/scripts/setup_postgres_azurerole.ps1 b/scripts/setup_postgres_azurerole.ps1
index ac87f45b..84ee0b74 100644
--- a/scripts/setup_postgres_azurerole.ps1
+++ b/scripts/setup_postgres_azurerole.ps1
@@ -5,10 +5,11 @@ if (-not $?) {
 }
 $POSTGRES_USERNAME = (azd env get-value POSTGRES_USERNAME)
 $APP_IDENTITY_NAME = (azd env get-value SERVICE_WEB_IDENTITY_NAME)
+$AZURE_TENANT_ID = (azd env get-value AZURE_TENANT_ID)
 if ([string]::IsNullOrEmpty($POSTGRES_HOST) -or [string]::IsNullOrEmpty($POSTGRES_USERNAME) -or [string]::IsNullOrEmpty($APP_IDENTITY_NAME)) {
 Write-Host "Can't find POSTGRES_HOST, POSTGRES_USERNAME, and SERVICE_WEB_IDENTITY_NAME environment variables. Make sure you run azd up first."
 exit 1
 }
-python ./src/backend/fastapi_app/setup_postgres_azurerole.py --host $POSTGRES_HOST --username $POSTGRES_USERNAME --app-identity-name $APP_IDENTITY_NAME
+python ./src/backend/fastapi_app/setup_postgres_azurerole.py --host $POSTGRES_HOST --username $POSTGRES_USERNAME --app-identity-name $APP_IDENTITY_NAME --sslmode require --tenant-id $AZURE_TENANT_ID
diff --git a/scripts/setup_postgres_azurerole.sh b/scripts/setup_postgres_azurerole.sh
index d14cd5b6..ad384b8a 100755
--- a/scripts/setup_postgres_azurerole.sh
+++ b/scripts/setup_postgres_azurerole.sh
@@ -5,6 +5,7 @@ if [ $? -ne 0 ]; then
 fi
 POSTGRES_USERNAME=$(azd env get-value POSTGRES_USERNAME)
 APP_IDENTITY_NAME=$(azd env get-value SERVICE_WEB_IDENTITY_NAME)
+AZURE_TENANT_ID=$(azd env get-value AZURE_TENANT_ID)
 if [ -z "$POSTGRES_HOST" ] || [ -z "$POSTGRES_USERNAME" ] || [ -z "$APP_IDENTITY_NAME" ]; then
 echo "Can't find POSTGRES_HOST, POSTGRES_USERNAME, and SERVICE_WEB_IDENTITY_NAME environment variables. Make sure you run azd up first."
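Review bot: `$AZURE_TENANT_ID` is read but left out of the `IsNullOrEmpty` guard on the following line, so when `azd env get-value AZURE_TENANT_ID` yields nothing the new `python` call can end in a bare `--tenant-id`, which argparse rejects because the flag expects one value (depending on the PowerShell version the empty string may instead be passed through). The Python side treats the tenant as optional, so the flag is better passed only when a value exists: `$tenantArgs = if ($AZURE_TENANT_ID) { @('--tenant-id', $AZURE_TENANT_ID) } else { @() }` and append `@tenantArgs` to the `python` line. The same pattern is added in setup_postgres_database.ps1 and setup_postgres_seeddata.ps1 and, unquoted, in the three .sh wrappers, where `${AZURE_TENANT_ID:+--tenant-id "$AZURE_TENANT_ID"}` gives the same effect.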
@@ -13,4 +14,4 @@ fi
 . ./scripts/load_python_env.sh
-.venv/bin/python ./src/backend/fastapi_app/setup_postgres_azurerole.py --host $POSTGRES_HOST --username $POSTGRES_USERNAME --app-identity-name $APP_IDENTITY_NAME
+.venv/bin/python ./src/backend/fastapi_app/setup_postgres_azurerole.py --host $POSTGRES_HOST --username $POSTGRES_USERNAME --app-identity-name $APP_IDENTITY_NAME --sslmode require --tenant-id $AZURE_TENANT_ID
diff --git a/scripts/setup_postgres_database.ps1 b/scripts/setup_postgres_database.ps1
index 93a4393a..df9324da 100644
--- a/scripts/setup_postgres_database.ps1
+++ b/scripts/setup_postgres_database.ps1
@@ -5,10 +5,11 @@ if (-not $?) {
 }
 $POSTGRES_USERNAME = (azd env get-value POSTGRES_USERNAME)
 $POSTGRES_DATABASE = (azd env get-value POSTGRES_DATABASE)
+$AZURE_TENANT_ID = (azd env get-value AZURE_TENANT_ID)
 if ([string]::IsNullOrEmpty($POSTGRES_HOST) -or [string]::IsNullOrEmpty($POSTGRES_USERNAME) -or [string]::IsNullOrEmpty($POSTGRES_DATABASE)) {
 Write-Host "Can't find POSTGRES_HOST, POSTGRES_USERNAME, and POSTGRES_DATABASE environment variables. Make sure you run azd up first."
 exit 1
 }
-python ./src/backend/fastapi_app/setup_postgres_database.py --host $POSTGRES_HOST --username $POSTGRES_USERNAME --database $POSTGRES_DATABASE
+python ./src/backend/fastapi_app/setup_postgres_database.py --host $POSTGRES_HOST --username $POSTGRES_USERNAME --database $POSTGRES_DATABASE --sslmode require --tenant-id $AZURE_TENANT_ID
diff --git a/scripts/setup_postgres_database.sh b/scripts/setup_postgres_database.sh
index 40da59f7..b8892a62 100755
--- a/scripts/setup_postgres_database.sh
+++ b/scripts/setup_postgres_database.sh
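Review bot: `--sslmode require` on the new `.venv/bin/python` line encrypts the session but, under libpq semantics, does not validate the server certificate or host name, while the engine code in this commit authenticates to Azure-hosted servers with an Azure credential. How `create_postgres_engine` maps the value onto the driver is not visible in this diff; if it is passed through, `--sslmode verify-full` would also authenticate the server, provided the driver trusts the CA chain in use. The same flag value is added in the other five wrapper scripts.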
@@ -5,7 +5,8 @@ if [ $? -ne 0 ]; then
 fi
 POSTGRES_USERNAME=$(azd env get-value POSTGRES_USERNAME)
 POSTGRES_DATABASE=$(azd env get-value POSTGRES_DATABASE)
+AZURE_TENANT_ID=$(azd env get-value AZURE_TENANT_ID)
 . ./scripts/load_python_env.sh
-.venv/bin/python ./src/backend/fastapi_app/setup_postgres_database.py --host $POSTGRES_HOST --username $POSTGRES_USERNAME --database $POSTGRES_DATABASE
+.venv/bin/python ./src/backend/fastapi_app/setup_postgres_database.py --host $POSTGRES_HOST --username $POSTGRES_USERNAME --database $POSTGRES_DATABASE --sslmode require --tenant-id $AZURE_TENANT_ID
diff --git a/scripts/setup_postgres_seeddata.ps1 b/scripts/setup_postgres_seeddata.ps1
index 3d9b906b..603bd580 100644
--- a/scripts/setup_postgres_seeddata.ps1
+++ b/scripts/setup_postgres_seeddata.ps1
@@ -5,10 +5,11 @@ if (-not $?) {
 }
 $POSTGRES_USERNAME = (azd env get-value POSTGRES_USERNAME)
 $POSTGRES_DATABASE = (azd env get-value POSTGRES_DATABASE)
+$AZURE_TENANT_ID = (azd env get-value AZURE_TENANT_ID)
 if ([string]::IsNullOrEmpty($POSTGRES_HOST) -or [string]::IsNullOrEmpty($POSTGRES_USERNAME) -or [string]::IsNullOrEmpty($POSTGRES_DATABASE)) {
 Write-Host "Can't find POSTGRES_HOST, POSTGRES_USERNAME, and POSTGRES_DATABASE environment variables. Make sure you run azd up first."
 exit 1
 }
-python ./src/backend/fastapi_app/setup_postgres_seeddata.py --host $POSTGRES_HOST --username $POSTGRES_USERNAME --database $POSTGRES_DATABASE
+python ./src/backend/fastapi_app/setup_postgres_seeddata.py --host $POSTGRES_HOST --username $POSTGRES_USERNAME --database $POSTGRES_DATABASE --sslmode require --tenant-id $AZURE_TENANT_ID
diff --git a/scripts/setup_postgres_seeddata.sh b/scripts/setup_postgres_seeddata.sh
index 38db5262..e5aff637 100755
--- a/scripts/setup_postgres_seeddata.sh
+++ b/scripts/setup_postgres_seeddata.sh
@@ -5,7 +5,8 @@ if [ $? -ne 0 ]; then
 fi
 POSTGRES_USERNAME=$(azd env get-value POSTGRES_USERNAME)
 POSTGRES_DATABASE=$(azd env get-value POSTGRES_DATABASE)
+AZURE_TENANT_ID=$(azd env get-value AZURE_TENANT_ID)
 . ./scripts/load_python_env.sh
-.venv/bin/python ./src/backend/fastapi_app/setup_postgres_seeddata.py --host $POSTGRES_HOST --username $POSTGRES_USERNAME --database $POSTGRES_DATABASE
+.venv/bin/python ./src/backend/fastapi_app/setup_postgres_seeddata.py --host $POSTGRES_HOST --username $POSTGRES_USERNAME --database $POSTGRES_DATABASE --sslmode require --tenant-id $AZURE_TENANT_ID
diff --git a/src/backend/fastapi_app/postgres_engine.py b/src/backend/fastapi_app/postgres_engine.py
index 1b91a10e..621dda1d 100644
--- a/src/backend/fastapi_app/postgres_engine.py
+++ b/src/backend/fastapi_app/postgres_engine.py
@@ -64,7 +64,12 @@ async def create_postgres_engine_from_env(azure_credential=None) -> AsyncEngine:
 async def create_postgres_engine_from_args(args, azure_credential=None) -> AsyncEngine:
 if azure_credential is None and args.host.endswith(".database.azure.com"):
- azure_credential = AzureDeveloperCliCredential(process_timeout=60)
+ if tenant_id := args.tenant_id:
+ logger.info("Authenticating to Azure using Azure Developer CLI Credential for tenant %s", tenant_id)
+ azure_credential = AzureDeveloperCliCredential(tenant_id=tenant_id, process_timeout=60)
+ else:
+ logger.info("Authenticating to Azure using Azure Developer CLI Credential")
+ azure_credential = AzureDeveloperCliCredential(process_timeout=60)
 return await create_postgres_engine(
 host=args.host,
diff --git a/src/backend/fastapi_app/setup_postgres_azurerole.py b/src/backend/fastapi_app/setup_postgres_azurerole.py
index a73e3826..74d16f4b 100644
--- a/src/backend/fastapi_app/setup_postgres_azurerole.py
+++ b/src/backend/fastapi_app/setup_postgres_azurerole.py
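Review bot: `args.tenant_id` is read unconditionally in the Azure branch of `create_postgres_engine_from_args`, so a caller whose parser does not define `--tenant-id` would fail with AttributeError; the commit adds the flag to three setup scripts, but whether other callers exist cannot be seen from this diff. `if tenant_id := getattr(args, "tenant_id", None):` keeps such callers on the default-tenant path. The function also has no docstring; one line stating that a tenant ID, when given, pins the Azure Developer CLI credential to that tenant would help. The function body continues past the end of the hunk.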
@@ -45,6 +45,7 @@ async def main():
 # You must connect to the *postgres* database when assigning roles
 parser.add_argument("--database", type=str, help="Postgres database", default="postgres")
 parser.add_argument("--sslmode", type=str, help="Postgres SSL mode", default=None)
+ parser.add_argument("--tenant-id", type=str, help="Azure tenant ID", default=None)
 parser.add_argument("--app-identity-name", type=str, help="Azure App Service identity name")
 args = parser.parse_args()
diff --git a/src/backend/fastapi_app/setup_postgres_database.py b/src/backend/fastapi_app/setup_postgres_database.py
index f39abf54..499cb089 100644
--- a/src/backend/fastapi_app/setup_postgres_database.py
+++ b/src/backend/fastapi_app/setup_postgres_database.py
@@ -28,6 +28,7 @@ async def main():
 parser.add_argument("--password", type=str, help="Postgres password")
 parser.add_argument("--database", type=str, help="Postgres database")
 parser.add_argument("--sslmode", type=str, help="Postgres sslmode")
+ parser.add_argument("--tenant-id", type=str, help="Azure tenant ID", default=None)
 # if no args are specified, use environment variables
 args = parser.parse_args()
diff --git a/src/backend/fastapi_app/setup_postgres_seeddata.py b/src/backend/fastapi_app/setup_postgres_seeddata.py
index 05a37cf8..54c223c7 100644
--- a/src/backend/fastapi_app/setup_postgres_seeddata.py
+++ b/src/backend/fastapi_app/setup_postgres_seeddata.py
@@ -62,6 +62,7 @@ async def main():
 parser.add_argument("--password", type=str, help="Postgres password")
 parser.add_argument("--database", type=str, help="Postgres database")
 parser.add_argument("--sslmode", type=str, help="Postgres sslmode")
+ parser.add_argument("--tenant-id", type=str, help="Azure tenant ID", default=None)
 # if no args are specified, use environment variables
 args = parser.parse_args()