diff --git a/src/components/layout/Header.tsx b/src/components/layout/Header.tsx
index d538411..afd62c5 100644
--- a/src/components/layout/Header.tsx
+++ b/src/components/layout/Header.tsx
@@ -70,8 +70,12 @@ export const Header = ({ breadcrumbs, currentPage, onMenuClick }: HeaderProps):
     setIsDropdownOpen(false);
     
     // Check if user is on a tenant route to determine redirect path
-    const isTenantRoute = window.location.pathname.startsWith('/tenant');
-    const redirectPath = isTenantRoute ? '/tenant/login' : '/';
+    // Note: use /tenant/ instead of /tenant to avoid matching /tenants
+    const isTenantRoute = window.location.pathname.startsWith('/tenant/') || window.location.pathname === '/tenant';
+    const isSuperAdmin = roles.includes('super_admin');
+    
+    // Super admins always go to root login, tenant users go to /tenant/login if on a tenant route
+    const redirectPath = isSuperAdmin ? '/' : (isTenantRoute ? '/tenant/login' : '/');
     
     try {
       // Call logout API with Bearer token
diff --git a/src/components/shared/PrimaryButton.tsx b/src/components/shared/PrimaryButton.tsx
index 2e26b78..ed007fb 100644
--- a/src/components/shared/PrimaryButton.tsx
+++ b/src/components/shared/PrimaryButton.tsx
@@ -57,7 +57,8 @@ export const PrimaryButton = ({
   const isTenantAdmin = !isSuperAdmin && rolesArray.length > 0;
   
   // Check if we're on a tenant route (for login page where user might not be authenticated)
-  const isTenantRoute = typeof window !== 'undefined' && window.location.pathname.startsWith('/tenant');
+  // Use /tenant/ or exactly /tenant to avoid matching /tenants page
+  const isTenantRoute = typeof window !== 'undefined' && (window.location.pathname.startsWith('/tenant/') || window.location.pathname === '/tenant');
   
   // Use theme colors for tenant admin or tenant routes, default colors for super admin
   const shouldUseTheme = (isTenantAdmin || (isTenantRoute && !isSuperAdmin)) && theme;
diff --git a/src/components/shared/SecondaryButton.tsx b/src/components/shared/SecondaryButton.tsx
index b59e7c3..3a4c390 100644
--- a/src/components/shared/SecondaryButton.tsx
+++ b/src/components/shared/SecondaryButton.tsx
@@ -50,7 +50,8 @@ export const SecondaryButton = ({
   const isTenantAdmin = !isSuperAdmin && rolesArray.length > 0;
   
   // Check if we're on a tenant route (for login page where user might not be authenticated)
-  const isTenantRoute = typeof window !== 'undefined' && window.location.pathname.startsWith('/tenant');
+  // Use /tenant/ or exactly /tenant to avoid matching /tenants page
+  const isTenantRoute = typeof window !== 'undefined' && (window.location.pathname.startsWith('/tenant/') || window.location.pathname === '/tenant');
   
   // Use theme colors for tenant admin or tenant routes, default colors for super admin
   const shouldUseTheme = (isTenantAdmin || (isTenantRoute && !isSuperAdmin)) && theme;
diff --git a/src/services/api-client.ts b/src/services/api-client.ts
index 0244a7c..fdaac92 100644
--- a/src/services/api-client.ts
+++ b/src/services/api-client.ts
@@ -57,19 +57,26 @@ apiClient.interceptors.response.use(
       if (!isAuthEndpoint) {
         // Handle unauthorized - clear auth and redirect to login (only for non-auth endpoints)
         // Check if user is on a tenant route to determine redirect path
-        const isTenantRoute = window.location.pathname.startsWith('/tenant');
-        const redirectPath = isTenantRoute ? '/tenant/login' : '/';
+        const isTenantRoute = window.location.pathname.startsWith('/tenant/') || window.location.pathname === '/tenant';
         
+        let redirectPath = '/';
         try {
           const store = (window as any).__REDUX_STORE__;
           if (store) {
+            const state = store.getState() as RootState;
+            const isSuperAdmin = state.auth.roles.includes('super_admin');
+            
+            // Super admins always go to root login, tenant users go to /tenant/login if on a tenant route
+            redirectPath = isSuperAdmin ? '/' : (isTenantRoute ? '/tenant/login' : '/');
+            
             store.dispatch({ type: 'auth/logout' });
-            navigate(redirectPath, { replace: true });
           }
         } catch (e) {
-          // Silently fail if store is not available
-          navigate(redirectPath, { replace: true });
+          // Fallback if store is not available
+          redirectPath = isTenantRoute ? '/tenant/login' : '/';
         }
+        
+        navigate(redirectPath, { replace: true });
       }
       // For auth endpoints, just reject the promise so the component can handle the error
     }