diff --git a/charts/wonderwall/Feature.yaml b/charts/wonderwall/Feature.yaml
index cf0def4..b8ab412 100644
--- a/charts/wonderwall/Feature.yaml
+++ b/charts/wonderwall/Feature.yaml
@@ -30,6 +30,10 @@ values:
 description: Enables forward auth server. Requires Azurerator and loadbalancer-fa to be enabled.
 config:
 type: bool
+ azure.forwardAuth.domainHint:
+ description: Domain hint for Azure AD authentication to prevent account selector when users are signed in with multiple accounts in different tenants.
+ config:
+ type: string
 azure.forwardAuth.groupIds:
 description: Additional group IDs to grant access to
 config:
diff --git a/charts/wonderwall/templates/fa-deployment.yaml b/charts/wonderwall/templates/fa-deployment.yaml
index a1624e6..607e105 100644
--- a/charts/wonderwall/templates/fa-deployment.yaml
+++ b/charts/wonderwall/templates/fa-deployment.yaml
@@ -57,6 +57,10 @@ spec:
 value: "5s"
 - name: WONDERWALL_OPENID_PROVIDER
 value: "azure"
+ {{- if .Values.azure.forwardAuth.domainHint }}
+ - name: WONDERWALL_OPENID_DOMAIN_HINT
+ value: "{{ .Values.azure.forwardAuth.domainHint }}"
+ {{- end }}
 - name: WONDERWALL_REDIS_CONNECTION_IDLE_TIMEOUT
 value: "{{ .Values.redis.connectionIdleTimeout }}"
 - name: WONDERWALL_SESSION_MAX_LIFETIME
diff --git a/charts/wonderwall/values.yaml b/charts/wonderwall/values.yaml
index 9ded685..26cdf0c 100644
--- a/charts/wonderwall/values.yaml
+++ b/charts/wonderwall/values.yaml
@@ -27,6 +27,7 @@ azure:
 ssoDomain:
 ssoServerSecretName: wonderwall-azure-sso-server
 groupIds: [] # [""] - additional group IDs to grant access to
+ domainHint:
 idporten:
 enabled: false
 clientAccessTokenLifetime: 3600
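Review bot: The description added for `azure.forwardAuth.domainHint` in Feature.yaml does not say that the hint is a sign-in convenience and not an access restriction. As far as Azure AD's `domain_hint` goes, it is an authorize-request parameter that only pre-selects the tenant, so tenant and group checks (presumably `azure.forwardAuth.groupIds` and the app registration, neither visible in this hunk) remain the enforcement. I would extend the text to something like `description: Optional Azure AD domain hint; skips the account selector for users signed in to several tenants. UX only, does not restrict which tenant or account may sign in.` The bare `domainHint:` line added in values.yaml could carry a matching inline comment, as the `groupIds` line above it does.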
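Review bot: In fa-deployment.yaml the new `value: "{{ .Values.azure.forwardAuth.domainHint }}"` line pastes the chart value into a double-quoted YAML scalar without escaping, so a value containing `"` or `\` renders a broken or differently structured env entry. Helm's `quote` function escapes the string and adds the quotes itself: `value: {{ .Values.azure.forwardAuth.domainHint | quote }}`. The neighbouring `WONDERWALL_REDIS_CONNECTION_IDLE_TIMEOUT` line uses the same hand-quoted pattern, so this matches the file's existing style, but a free-form string supplied per installation is where it is most likely to bite. The env list starts and continues outside the hunk.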