agreed if the auth (as rohit defines) is explicit to a tenant that is disabled, then it should be unauthorized. if the auth is just user+password, relying on a default tenant choice, then its more unclear.
agreed if the auth (as rohit defines) is explicit to a tenant that is disabled, then it should be unauthorized. if the auth is just user+password, relying on a default tenant choice, then its more unclear.