diff --git a/scripts/setup_postgres_azurerole.ps1 b/scripts/setup_postgres_azurerole.ps1
index ac87f45..84ee0b7 100644
--- a/scripts/setup_postgres_azurerole.ps1
+++ b/scripts/setup_postgres_azurerole.ps1
@@ -5,10 +5,11 @@ if (-not $?) {
 }
 $POSTGRES_USERNAME = (azd env get-value POSTGRES_USERNAME)
 $APP_IDENTITY_NAME = (azd env get-value SERVICE_WEB_IDENTITY_NAME)
+$AZURE_TENANT_ID = (azd env get-value AZURE_TENANT_ID)
 
 if ([string]::IsNullOrEmpty($POSTGRES_HOST) -or [string]::IsNullOrEmpty($POSTGRES_USERNAME) -or [string]::IsNullOrEmpty($APP_IDENTITY_NAME)) {
     Write-Host "Can't find POSTGRES_HOST, POSTGRES_USERNAME, and SERVICE_WEB_IDENTITY_NAME environment variables. Make sure you run azd up first."
     exit 1
 }
 
-python ./src/backend/fastapi_app/setup_postgres_azurerole.py --host $POSTGRES_HOST --username $POSTGRES_USERNAME --app-identity-name $APP_IDENTITY_NAME
+python ./src/backend/fastapi_app/setup_postgres_azurerole.py --host $POSTGRES_HOST --username $POSTGRES_USERNAME --app-identity-name $APP_IDENTITY_NAME --sslmode require --tenant-id $AZURE_TENANT_ID
diff --git a/scripts/setup_postgres_azurerole.sh b/scripts/setup_postgres_azurerole.sh
index d14cd5b..ad384b8 100755
--- a/scripts/setup_postgres_azurerole.sh
+++ b/scripts/setup_postgres_azurerole.sh
@@ -5,6 +5,7 @@ if [ $? -ne 0 ]; then
 fi
 POSTGRES_USERNAME=$(azd env get-value POSTGRES_USERNAME)
 APP_IDENTITY_NAME=$(azd env get-value SERVICE_WEB_IDENTITY_NAME)
+AZURE_TENANT_ID=$(azd env get-value AZURE_TENANT_ID)
 
 if [ -z "$POSTGRES_HOST" ] || [ -z "$POSTGRES_USERNAME" ] || [ -z "$APP_IDENTITY_NAME" ]; then
     echo "Can't find POSTGRES_HOST, POSTGRES_USERNAME, and SERVICE_WEB_IDENTITY_NAME environment variables. Make sure you run azd up first."
@@ -13,4 +14,4 @@ fi
 
 . ./scripts/load_python_env.sh
 
-.venv/bin/python ./src/backend/fastapi_app/setup_postgres_azurerole.py --host $POSTGRES_HOST --username $POSTGRES_USERNAME --app-identity-name $APP_IDENTITY_NAME
+.venv/bin/python ./src/backend/fastapi_app/setup_postgres_azurerole.py --host $POSTGRES_HOST --username $POSTGRES_USERNAME --app-identity-name $APP_IDENTITY_NAME --sslmode require --tenant-id $AZURE_TENANT_ID