I have a requirement to implement the normal sign-in/sign-up policy as well as a separate sign-up policy for our customer journey in a Blazor Server application with Azure AD B2C. I have been through the MS documentation and it only allows for one policy. I would like to find out if anyone has managed to successfully implement multiple flows (policies), or knows of any code examples that demonstrate this.
I have created our own service extension to add the authentication service. It listens for the OnRedirectToIdentityProvider event on OpenIdConnectEvents.
```csharp
using System.Linq;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Authentication.OpenIdConnect;
using Microsoft.Extensions.Configuration;
using Microsoft.Extensions.DependencyInjection;
using Microsoft.Identity.Web;

public static class AuthenticationServiceExtensions
{
    public static void AddMicrosoftIdentityWebAuthenticationWithPolicyHandler(
        this IServiceCollection services, IConfiguration config)
    {
        services.AddAuthentication(OpenIdConnectDefaults.AuthenticationScheme)
            .AddMicrosoftIdentityWebApp(options =>
            {
                config.Bind("AzureAdB2C", options);
                options.Events = new OpenIdConnectEvents
                {
                    OnRedirectToIdentityProvider = context =>
                    {
                        // Policy configured as the default in appsettings.json
                        var defaultPolicy = config["AzureAdB2C:SignUpSignInPolicyId"];

                        // Optional ?policy=B2C_1_... override, taken from the
                        // query string as-is (no allow-list check is applied)
                        var policy = context.Request.Query["policy"].FirstOrDefault();

                        if (!string.IsNullOrEmpty(policy) && !policy.Equals(defaultPolicy))
                        {
                            // Swap the policy segment of the authorize URL; the B2C
                            // metadata returns it lower-cased, hence ToLower() on both sides
                            context.ProtocolMessage.IssuerAddress =
                                context.ProtocolMessage.IssuerAddress.Replace(
                                    defaultPolicy.ToLower(), policy.ToLower());
                        }

                        return Task.CompletedTask;
                    }
                };
            })
            .EnableTokenAcquisitionToCallDownstreamApi(new[] { config["DataServiceAPI:Scope"] })
            .AddDistributedTokenCaches();
    }
}
```

If we route to the MicrosoftIdentity/Account/SignIn endpoint we pass policy=B2C_1_whatever in the URL query string. The event replaces the policy in the URL and routes to the correct sign-in or sign-up flow. Take note that our appsettings.json has the sign-in/sign-up policy as the default: "SignUpSignInPolicyId": "B2C_1_signin_signup". This all works great for the user to sign up or authenticate, but falls over at the next step:
```
Microsoft.Identity.Client.OAuth2.TokenClient.SendTokenRequestAsync(IDictionary`2 additionalBodyParameters, String scopeOverride, String tokenEndpointOverride, CancellationToken cancellationToken)
```

and the error we receive is:

```
MSAL.NetCore.4.61.3.0.MsalUiRequiredException:
ErrorCode: invalid_grant
Microsoft.Identity.Client.MsalUiRequiredException: AADB2C90088: The provided grant has not been issued for this endpoint. Actual Value : B2C_1_signin_signup and Expected Value : B2C_1_custom_signup
Correlation ID: ba***
```
I understand that this method is calling the policy from the configuration, and this is why there is a mismatch in grants. How would we get around this, or is there a better method of implementing this requirement?
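As an added illustration of the mismatch described above (this is not code from the question, and it is not offered as a confirmed fix for the author's setup): the token request fails because MSAL is asked for a token under the configured default policy, while the refresh token in the cache was issued under the policy the user actually went through. Microsoft.Identity.Web's `ITokenAcquisition.GetAccessTokenForUserAsync` accepts an optional `userFlow` argument that selects which B2C policy authority the token request is sent to, and Azure AD B2C records the policy a token was issued under in the `tfp` claim (or `acr`, depending on the user flow's "Policy claim" setting). The example below reads that claim from the signed-in principal and passes it as the user flow, so the token endpoint it calls belongs to the same flow that issued the grant. The class name `DataServiceTokenProvider`, the `ResolveUserFlow` helper, and the `DataServiceAPI:Scope` / `AzureAdB2C:SignUpSignInPolicyId` settings are assumed to match the question's configuration.

```csharp
// Added example, not part of the original post. Assumes Microsoft.Identity.Web
// (ITokenAcquisition with the optional userFlow parameter) and a Blazor Server
// app where AuthenticationStateProvider exposes the B2C-authenticated principal.
using System.Security.Claims;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Components.Authorization;
using Microsoft.Extensions.Configuration;
using Microsoft.Identity.Web;

public sealed class DataServiceTokenProvider
{
    // Claim types B2C uses to carry the policy name, depending on the user
    // flow's "Policy claim" setting: raw "tfp", or "acr" (shown here under the
    // long name the ASP.NET Core inbound claim mapping gives it).
    private const string TfpClaim = "tfp";
    private const string AcrClaim = "http://schemas.microsoft.com/claims/authnclassreference";

    private readonly ITokenAcquisition _tokenAcquisition;
    private readonly AuthenticationStateProvider _authState;
    private readonly IConfiguration _config;

    public DataServiceTokenProvider(
        ITokenAcquisition tokenAcquisition,
        AuthenticationStateProvider authState,
        IConfiguration config)
    {
        _tokenAcquisition = tokenAcquisition;
        _authState = authState;
        _config = config;
    }

    // Returns the policy the principal's tokens were issued under, falling
    // back to the configured default when neither claim is present.
    public static string ResolveUserFlow(ClaimsPrincipal user, string defaultPolicy)
    {
        var policy = user.FindFirst(TfpClaim)?.Value
                     ?? user.FindFirst(AcrClaim)?.Value
                     ?? user.FindFirst("acr")?.Value;   // in case claim mapping is disabled
        return string.IsNullOrEmpty(policy) ? defaultPolicy : policy;
    }

    // Acquire the downstream API token against the same B2C policy that signed
    // the user in, rather than the SignUpSignInPolicyId from configuration.
    public async Task<string> GetDataServiceTokenAsync()
    {
        var state = await _authState.GetAuthenticationStateAsync();
        var user = state.User;

        var userFlow = ResolveUserFlow(user, _config["AzureAdB2C:SignUpSignInPolicyId"]!);
        var scopes = new[] { _config["DataServiceAPI:Scope"]! };

        return await _tokenAcquisition.GetAccessTokenForUserAsync(
            scopes,
            userFlow: userFlow,
            user: user);
    }
}

// Registration (hypothetical, in Program.cs / Startup.ConfigureServices):
//   services.AddScoped<DataServiceTokenProvider>();
```

Because the policy is resolved from the user's own claims rather than from the query string, a user who signed in through `B2C_1_custom_signup` has their token requested from that policy's endpoint, which is the value the AADB2C90088 message reports as expected. Verify on your installed Microsoft.Identity.Web version that the `userFlow` parameter is present on `GetAccessTokenForUserAsync` (it has been there since the 1.x releases, but the argument position differs between versions, which is why it is passed by name here).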