-
Notifications
You must be signed in to change notification settings - Fork 3.8k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Account selection window pops up after Connect-AzAccount fails with "user canceled authentication" #24967
Comments
I'm having the same issue. |
Way 1 and Way 3 are reported by #24963 and can be workarounded by disabling WAM for login Way 2 is new to us, could you share more about your environment?
Thanks a lot |
I would simply repro on a new VM or Sandbox on Windows 11.
|
For the record: the window pop-up-too-late issue was also reported by users of Azure CLI - Azure/azure-cli#28997 |
(I edited the title so that we can focus on the "user canceled authentication" error in this thread.) We had reported this issue to the corresponding team. Latest status is: "The issue is caused by a bug in the account control logic, and it will return unexpected user cancel signal. We are working on it with our highest priority." Again the workaround to this issue is to disable WAM by Will keep this updated. |
For us the update from v2 to v3 was causing the following error:
using -EnableLoginByWam $false did not fix this until we ALSO used -LoginExperienceV2 Off |
Thank you for this. Was greeted by the below after I successfully logged in. After tinkering around came here. |
It seems this was rushed to release too early without more extensive testing. |
There seems to be an issue also when you run Login-Azaccount -tenantId inside VSCode terminal. It does not open this Windows UI for selecting account and it stays frozen without finishing the command. Setting -EnableLoginByWam $false resolves the problem as it switches to using the browser authentication. |
Yep - Microsoft - where's your testing? |
Any update on this issue? Currently running with the workaround. |
The MSAL team is working intensely on the fix. We are going to release a new version after we get the fix version. |
As of 30 May we have same issue. Its stopped scripts from running. Running PS7.4.2 and Az 12. |
if i using
|
@AiHaibara |
the deploy item already deleted now, not sure but seems only these error otherwise it be catched and not print. |
To resolve your issue, could try the latest version and send the debug log to us so that we can check it? thanks |
sorry for some delay, but it seems i can't reproduce this when i using without using target version. |
Thanks a lot , I solved the issue with the command Update-AzConfig -EnableLoginByWam $false. |
For the 3 issues mentioned by the current item
|
Description
I was on Az.Accounts V2.13.1, and my script is working fine, but today after a latest update to Az.Accounts V3.0.0, Connect-AzAccount always succeeded with warning "WARNING: Unable to acquire token for tenant ..." , and although it looks like it connected successfully, no Az operations such as Get-AzSubscription could execute successfully, it reports the same warning:
Here are details:
Result:
Result:
I have no chance to select any thing, the login window appears after the above message.
Result:
Even though it shows like connected successfully, run: Get-AzSubscription to test, got no result with below warning (Repeated in console):
WARNING: Unable to acquire token for tenant 'a065c5e1-13a0-4485-8bc7-0eeca4ebb4aa' with error 'Authentication failed against tenant a065c5e1-13a0-4485-8bc7-0eeca4ebb4aa. User interaction is required. This may be due to the conditional access policy settings such as multi-factor authentication (MFA). If you need to access subscriptions in that tenant, please rerun 'Connect-AzAccount' with additional parameter '-TenantId a065c5e1-13a0-4485-8bc7-0eeca4ebb4aa'.'
WARNING: Unable to acquire token for tenant 'a065c5e1-13a0-4485-8bc7-0eeca4ebb4aa' with error 'Authentication failed against tenant a065c5e1-13a0-4485-8bc7-0eeca4ebb4aa. User interaction is required. This may be due to the conditional access policy settings such as multi-factor authentication (MFA). If you need to access subscriptions in that tenant, please rerun 'Connect-AzAccount' with additional parameter '-TenantId a065c5e1-13a0-4485-8bc7-0eeca4ebb4aa'.'
Issue script & Debug output
Environment data
Module versions
Error output
The text was updated successfully, but these errors were encountered: