Open syspro-chrisvogt opened 4 months ago
@BethanyZhou please check if this is a limitation of the Entra ID APIs.
Hi @syspro-chrisvogt, thanks for reaching out to us.
When connecting using other methods (e.g. interactive logon) with the same permissions applied, the tenant information is returned as expected. Get-AzContext is also not returning the tenant name.
There isn't a way that I can see to retrieve the tenant name.
```
DEBUG: ============================ HTTP REQUEST ============================
HTTP Method:
GET
Absolute Uri:
https://management.azure.com/tenants?api-version=2021-01-01
DEBUG: ============================ HTTP RESPONSE ============================
Status Code:
OK
Body:
{
  "value": [
    {
      "id": "/tenants/xxxxxxx",
      "tenantId": "xxxxxxx",
      "tenantCategory": "Home"
    }
  ]
}
```
Hi @BethanyZhou
The detailed information of tenants will not be retrieved during the process of executing Connect-AzAccount if tenantId is provided. That's why tenant name is missing in the result of Get-AzContext. The behavior is expected and consistent for different login flows, including interactive login.
If I connect interactively, specifying the tenant ID, then when using Get-AzTenant, it returns the list of tenants I have access to. If I need to do something with one of the other tenants, I do need to authenticate still, but at least I can see the list of tenants and, at a minimum, the current tenant's name.
If I connect using a service principal and specify the tenant ID (with access to the same tenants and the same level of permissions/role assignments as the user mentioned above), then Get-AzTenant only returns the current tenant but does not include the tenant name.
I've re-tested the Get-AzContext bit and see that the tenant name is not returned, regardless of the login method used.
My current use case is that I am trying to return the list of reservations expiring within a certain number of days. Unfortunately, you have to connect to each tenant to do this and cannot use Lighthouse. What I have written thus far gets the list of tenants (dynamically) and returns this information from each tenant. With Get-AzTenant not returning the list of "available" tenants, I will need to hardcode this or look it up elsewhere, and this lookup (wherever it is) will now need to be maintained too. By extension, for reporting purposes, because it does not return the name, the output is not in a user-friendly format. Again, this can be looked up elsewhere... this just means, though, that things can be missed.
Description
Get-AzTenant and Get-AzContext do not return the tenant name when connecting with a service principal. This is similar to those reported on #10767, #20075, and #22887.
I am logging this separately as #22887 has this listed as a feature request, but I believe this to be a bug for three reasons:
Issue script & Debug output
Environment data
Module versions
Error output