diff --git a/internal/auth/repository/eventsourcing/eventstore/auth_request.go b/internal/auth/repository/eventsourcing/eventstore/auth_request.go
index 30266c579f..df3f414181 100644
--- a/internal/auth/repository/eventsourcing/eventstore/auth_request.go
+++ b/internal/auth/repository/eventsourcing/eventstore/auth_request.go
@@ -521,6 +521,9 @@ func (repo *AuthRequestRepo) fillPolicies(ctx context.Context, request *domain.A
 			privateLabelingOrgID = request.UserOrgID
 		}
 	}
+	if request.RequestedOrgID != "" {
+		privateLabelingOrgID = request.RequestedOrgID
+	}
 	labelPolicy, err := repo.getLabelPolicy(ctx, privateLabelingOrgID)
 	if err != nil {
 		return err
diff --git a/internal/ui/login/handler/renderer.go b/internal/ui/login/handler/renderer.go
index 11f835a4bd..43b3891d9c 100644
--- a/internal/ui/login/handler/renderer.go
+++ b/internal/ui/login/handler/renderer.go
@@ -426,6 +426,9 @@ func (l *Login) getOrgID(authReq *domain.AuthRequest) string {
 
 func (l *Login) getPrivateLabelingID(authReq *domain.AuthRequest) string {
 	privateLabelingOrgID := domain.IAMID
+	if authReq == nil {
+		return privateLabelingOrgID
+	}
 	if authReq.PrivateLabelingSetting != domain.PrivateLabelingSettingUnspecified {
 		privateLabelingOrgID = authReq.ApplicationResourceOwner
 	}