Azure / azure-cli

Azure Command-Line Interface

I needed to az logout before az login --scope ... for it to work #21519

Open HarlowBurgess opened 2 years ago

HarlowBurgess commented 2 years ago

Describe the bug

Minor issue, but the guidance given is incorrect/incomplete (at least in my case) for the following error:

AADSTS50076: Due to a configuration change made by your administrator, or because you moved to a new location, you must use multi-factor authentication to access '_directoryId_'.

The guidance given is:

To re-authenticate, please run: az login --scope https://management.core.windows.net//.default

This does not fix the problem and the error persists even after multiple attempts. However, if I "az logout" first, then it does work.

To Reproduce

I don't actually know why this started happening. I have been using AZ CLI from VS Code PowerShell terminal without any issues and I haven't made any configuration changes to Azure (I am the administrator and the one and only user in the tenant and subscription) and I haven't "moved" to a new location (my physical location and IP address have not changed). But, if you can get yourself in this situation, running "az account tenant list" or "az account subscription list" (and I'm guessing any other online az command) will trigger this error.

Expected behavior

The following guidance would have been more complete:

To re-authenticate, please run: az logout ; az login --scope https://management.core.windows.net//.default

Environment summary

Azure CLI 2.34.1; Windows 10 Pro 21H2; PowerShell 7.2.1; VS Code 1.65.0

Additional context

I log in to Azure with a Microsoft account. I have multiple directories and the directoryId shown in the error was for the Azure Sphere directory, which is unique among my directories in that it is a special shared directory (azsusers.onmicrosoft.com) not associated specifically with me or with any Azure subscription. It may not be the cause of the error, but whatever the cause, adding "az logout" to the guidance would take care of it and shouldn't hurt anything else :)

yonzhan commented 2 years ago

@jiasli awareness