diff --git a/sdk/identity/azure-identity/src/main/java/com/azure/identity/implementation/IdentityClientOptions.java b/sdk/identity/azure-identity/src/main/java/com/azure/identity/implementation/IdentityClientOptions.java
index d31305a71c178..c11e43cb4f090 100644
--- a/sdk/identity/azure-identity/src/main/java/com/azure/identity/implementation/IdentityClientOptions.java
+++ b/sdk/identity/azure-identity/src/main/java/com/azure/identity/implementation/IdentityClientOptions.java
@@ -818,9 +818,12 @@ public IdentityClientOptions clone() {
             .setPerCallPolicies(this.perCallPolicies)
             .setPerRetryPolicies(this.perRetryPolicies)
             .setBrowserCustomizationOptions(this.browserCustomizationOptions)
-            .setChained(this.isChained)
-            .setBrokerWindowHandle(this.brokerWindowHandle)
-            .setEnableLegacyMsaPassthrough(this.enableMsaPassthrough);
+            .setChained(this.isChained);
+
+        if (isBrokerEnabled()) {
+            clone.setBrokerWindowHandle(this.brokerWindowHandle);
+            clone.setEnableLegacyMsaPassthrough(this.enableMsaPassthrough);
+        }
         if (!isInstanceDiscoveryEnabled()) {
             clone.disableInstanceDiscovery();
         }
diff --git a/sdk/identity/azure-identity/src/test/java/com/azure/identity/implementation/IdentityClientOptionsTest.java b/sdk/identity/azure-identity/src/test/java/com/azure/identity/implementation/IdentityClientOptionsTest.java
index 60f6b7bf734f6..7e1b47abcbc57 100644
--- a/sdk/identity/azure-identity/src/test/java/com/azure/identity/implementation/IdentityClientOptionsTest.java
+++ b/sdk/identity/azure-identity/src/test/java/com/azure/identity/implementation/IdentityClientOptionsTest.java
@@ -42,4 +42,13 @@ public void testDisableAuthorityValidationAndInstanceDiscovery() {
         identityClientOptions.disableInstanceDiscovery();
         Assertions.assertFalse(identityClientOptions.isInstanceDiscoveryEnabled());
     }
+
+    @Test
+    public void testCloneDoesNotEnableThingsItShouldNot() {
+        IdentityClientOptions identityClientOptions = new IdentityClientOptions();
+
+        IdentityClientOptions clonedOptions = identityClientOptions.clone();
+        Assertions.assertFalse(clonedOptions.isBrokerEnabled());
+        Assertions.assertFalse(clonedOptions.isUnsafeSupportLoggingEnabled());
+    }
 }