diff --git a/libraries/botframework-connector/src/auth/managedIdentityAuthenticator.ts b/libraries/botframework-connector/src/auth/managedIdentityAuthenticator.ts
index ae2ae8df0a..d2ee95b333 100644
--- a/libraries/botframework-connector/src/auth/managedIdentityAuthenticator.ts
+++ b/libraries/botframework-connector/src/auth/managedIdentityAuthenticator.ts
@@ -30,6 +30,11 @@ export class ManagedIdentityAuthenticator {
         ok(resource?.trim(), 'ManagedIdentityAuthenticator.constructor(): missing resource.');
         ok(tokenProviderFactory, 'ManagedIdentityAuthenticator.constructor(): missing tokenProviderFactory.');
 
+        const scopePostfix = '/.default';
+        if (!resource.endsWith(scopePostfix)) {
+            resource = `${resource}${scopePostfix}`;
+        }
+
         this.resource = resource;
         this.tokenProvider = tokenProviderFactory.createAzureServiceTokenProvider(appId);
     }
diff --git a/libraries/botframework-connector/tests/auth/managedIdentityAuthenticator.test.js b/libraries/botframework-connector/tests/auth/managedIdentityAuthenticator.test.js
index 89d39440c2..2236e9c625 100644
--- a/libraries/botframework-connector/tests/auth/managedIdentityAuthenticator.test.js
+++ b/libraries/botframework-connector/tests/auth/managedIdentityAuthenticator.test.js
@@ -6,7 +6,7 @@ const sinon = require('sinon');
 const { JwtTokenProviderFactory, ManagedIdentityAuthenticator } = require('../../lib');
 
 const testAppId = 'foo';
-const testAudience = 'bar';
+const testAudience = 'bar/.default';
 const authResult = {
     token: '123',
     expiresOnTimestamp: 3000,