diff --git a/src/Umbraco.Web.BackOffice/Security/BackOfficeAuthenticationBuilder.cs b/src/Umbraco.Web.BackOffice/Security/BackOfficeAuthenticationBuilder.cs
index d62edcc1f9..8d4e04d2c0 100644
--- a/src/Umbraco.Web.BackOffice/Security/BackOfficeAuthenticationBuilder.cs
+++ b/src/Umbraco.Web.BackOffice/Security/BackOfficeAuthenticationBuilder.cs
@@ -58,16 +58,15 @@ namespace Umbraco.Cms.Web.BackOffice.Security
         // TODO: We could override and throw NotImplementedException for other methods?
 
         // Ensures that the sign in scheme is always the Umbraco back office external type
-        private class EnsureBackOfficeScheme<TOptions> : IPostConfigureOptions<TOptions> where TOptions : RemoteAuthenticationOptions
+        internal class EnsureBackOfficeScheme<TOptions> : IPostConfigureOptions<TOptions> where TOptions : RemoteAuthenticationOptions
         {
             public void PostConfigure(string name, TOptions options)
             {
-                if (!name.StartsWith(Constants.Security.BackOfficeExternalAuthenticationTypePrefix))
+                // ensure logic only applies to backoffice authentication schemes
+                if (name.StartsWith(Constants.Security.BackOfficeExternalAuthenticationTypePrefix))
                 {
-                    return;
+                    options.SignInScheme = Constants.Security.BackOfficeExternalAuthenticationType;
                 }
-
-                options.SignInScheme = Constants.Security.BackOfficeExternalAuthenticationType;
             }
         }
     }
diff --git a/tests/Umbraco.Tests.UnitTests/Umbraco.Web.BackOffice/Security/BackOfficeAuthenticationBuilderTests.cs b/tests/Umbraco.Tests.UnitTests/Umbraco.Web.BackOffice/Security/BackOfficeAuthenticationBuilderTests.cs
new file mode 100644
index 0000000000..06cf2fad43
--- /dev/null
+++ b/tests/Umbraco.Tests.UnitTests/Umbraco.Web.BackOffice/Security/BackOfficeAuthenticationBuilderTests.cs
@@ -0,0 +1,44 @@
+// Copyright (c) Umbraco.
+// See LICENSE for more details.
+
+using Microsoft.AspNetCore.Authentication;
+using NUnit.Framework;
+using Umbraco.Cms.Core;
+using Umbraco.Cms.Web.BackOffice.Security;
+
+namespace Umbraco.Cms.Tests.UnitTests.Umbraco.Web.BackOffice.Security
+{
+    [TestFixture]
+    public class BackOfficeAuthenticationBuilderTests
+    {
+        [Test]
+        public void EnsureBackOfficeScheme_When_Backoffice_Auth_Scheme_Expect_Updated_SignInScheme()
+        {
+            var scheme = $"{Constants.Security.BackOfficeExternalAuthenticationTypePrefix}test";
+            var options = new RemoteAuthenticationOptions
+            {
+                SignInScheme = "my_cookie"
+            };
+
+            var sut = new BackOfficeAuthenticationBuilder.EnsureBackOfficeScheme<RemoteAuthenticationOptions>();
+            sut.PostConfigure(scheme, options);
+
+            Assert.AreEqual(options.SignInScheme, Constants.Security.BackOfficeExternalAuthenticationType);
+        }
+
+        [Test]
+        public void EnsureBackOfficeScheme_When_Not_Backoffice_Auth_Scheme_Expect_No_Change()
+        {
+            var scheme = "test";
+            var options = new RemoteAuthenticationOptions
+            {
+                SignInScheme = "my_cookie"
+            };
+
+            var sut = new BackOfficeAuthenticationBuilder.EnsureBackOfficeScheme<RemoteAuthenticationOptions>();
+            sut.PostConfigure(scheme, options);
+
+            Assert.AreNotEqual(options.SignInScheme, Constants.Security.BackOfficeExternalAuthenticationType);
+        }
+    }
+}
\ No newline at end of file