Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[BUG] AzureCliCredential incorrectly says that user is not logged in when authorizing without consent #26894

Closed
KrzysztofCwalina opened this issue Feb 9, 2022 · 1 comment · Fixed by #31949
Closed

[BUG] AzureCliCredential incorrectly says that user is not logged in when authorizing without consent #26894

KrzysztofCwalina opened this issue Feb 9, 2022 · 1 comment · Fixed by #31949
Assignees
@christothes @schaabs
Labels
Azure.Identity Client This issue points to a problem in the data-plane of the library. needs-team-attention This issue needs attention from Azure service team or SDK team

Comments

@KrzysztofCwalina
Copy link
Member

Library name and version

Azure.Identity

Describe the bug

  1. Create Web API app in non-Microsoft tenant
  2. Register the app in the tenant, but do not grant consent to authorize
  3. Login into Azure CLI
  4. Call AzureCLiCreddential.GetToken (with the non-Microsoft tenantId)

Result: the call fails with
Azure.Identity.CredentialUnavailableException
HResult=0x80131500
Message=Please run 'az login' to set up account"

Now do:
az account get-access-token --output json --resource api://<app_id>

You will get:
AADSTS65001: The user or administrator has not consented to use the application with ID '<app_id>' named 'Microsoft Azure CLI'. Send an interactive authorization request for this user and resource.

Expected behavior

Expected:
the error from GetToken should say something about the consent issue, not about login.

Actual behavior

Azure.Identity.CredentialUnavailableException

Reproduction Steps

see above

Environment

No response
@ghost ghost added the needs-triage This is a new issue that needs to be triaged to the appropriate team. label Feb 9, 2022
@azure-sdk azure-sdk added Azure.Identity Client This issue points to a problem in the data-plane of the library. needs-team-triage This issue needs the team to triage. labels Feb 9, 2022
@ghost ghost removed the needs-triage This is a new issue that needs to be triaged to the appropriate team. label Feb 9, 2022
@jsquire jsquire added needs-team-attention This issue needs attention from Azure service team or SDK team and removed needs-team-triage This issue needs the team to triage. labels Feb 9, 2022
@swettstein
Copy link

any update on this? would be nice to get this prioritized

@christothes christothes mentioned this issue Oct 25, 2022
Merged
@julealgon julealgon mentioned this issue Nov 25, 2022
Closed
@github-actions github-actions bot locked and limited conversation to collaborators Mar 26, 2023
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees

@christothes christothes

@schaabs schaabs

Labels
Azure.Identity Client This issue points to a problem in the data-plane of the library. needs-team-attention This issue needs attention from Azure service team or SDK team
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

fix error messages with AADSTS and az login Azure/azure-sdk-for-net
6 participants
@jsquire @christothes @KrzysztofCwalina @schaabs @swettstein @azure-sdk