Open
Description
Description
If users sign in using:
Connect-AzAccount -AccessToken
then running the following command:
Get-AzAcessToken -ResourceUrl "https//management.azure.com/"
will fail with the error:
Get-AzAccessToken: [AccessTokenAuthenticator] failed to retrieve access token for resource 'https://management.azure.com/';. Please ensure that you have provided the appropriate access tokens when using access token login.
However, Get-AzAcessToken -ResourceUrl "https//management.core.windows.net/"
does work.
Also, if users authenticate using any other method (e.g., interactive, device code) without specifying -AccessToken
, then both of the following succeed:
Get-AzAccessToken -ResourceUrl "https://management.azure.com/"
Get-AzAccessToken -ResourceUrl "https://management.core.windows.net/"
The issue seems to be related to #13527.
Could this be an edge case that the Connect-AzAccount
cmdlet fail to handle?
Issue script & Debug output
Get-AzAccessToken -ResourceUrl "https://management.azure.com/" -Debug
DEBUG: 5:13:37 PM - [ConfigManager] Got nothing from [DisplaySecretsWarning], Module = [], Cmdlet = []. Returning default value [True].
DEBUG: 5:13:37 PM - GetAzureRmAccessTokenCommand begin processing with ParameterSet 'ResourceUrl'.
DEBUG: 5:13:37 PM - using account id 'shenglol'...
DEBUG: 5:13:37 PM - [ConfigManager] Got nothing from [DisplayBreakingChangeWarning], Module = [Az.Accounts], Cmdlet = [Get-AzAccessToken]. Returning default value [True].
DEBUG: 5:13:37 PM - [ConfigManager] Got nothing from [DisableInstanceDiscovery], Module = [], Cmdlet = []. Returning default value [False].
DEBUG: 5:13:37 PM - [ConfigManager] Got nothing from [EnableErrorRecordsPersistence], Module = [Az.Accounts], Cmdlet = [Get-AzAccessToken]. Returning default value [False].
Get-AzAccessToken: [AccessTokenAuthenticator] failed to retrieve access token for resource 'https://management.azure.com/';. Please ensure that you have provided the appropriate access tokens when using access token login.
DEBUG: 5:13:37 PM - [ConfigManager] Got nothing from [DisplayBreakingChangeWarning], Module = [Az.Accounts], Cmdlet = [Get-AzAccessToken]. Returning default value [True].
DEBUG: 5:13:37 PM - [ConfigManager] Got nothing from [DisplayRegionIdentified], Module = [], Cmdlet = []. Returning default value [True].
DEBUG: 5:13:37 PM - [ConfigManager] Got nothing from [CheckForUpgrade], Module = [], Cmdlet = []. Returning default value [True].
DEBUG: AzureQoSEvent: Module: Az.Accounts:5.1.0; CommandName: Get-AzAccessToken; PSVersion: 7.5.1; IsSuccess: False; Duration: 00:00:00.0081732; SanitizeDuration: 00:00:00; Exception: [AccessTokenAuthenticator] failed to retrieve access token for resource 'https://management.azure.com/';. Please ensure that you have provided the appropriate access tokens when using access token login.;
DEBUG: 5:13:37 PM - [ConfigManager] Got nothing from [EnableDataCollection], Module = [], Cmdlet = []. Returning default value [True].
DEBUG: 5:13:37 PM - GetAzureRmAccessTokenCommand end processing.
Environment data
Name Value
---- -----
PSVersion 7.5.1
PSEdition Core
GitCommitId 7.5.1
OS Microsoft Windows 10.0.22621
Platform Win32NT
PSCompatibleVersions {1.0, 2.0, 3.0, 4.0…}
PSRemotingProtocolVersion 2.3
SerializationVersion 1.1.0.1
WSManStackVersion 3.0
Module versions
ModuleType Version PreRelease Name ExportedCommands
---------- ------- ---------- ---- ----------------
Script 5.1.0 Az.Accounts {Add-AzEnvironment, Clear-AzConfig, Clear-AzContext, Clear-AzDefault…}
Error output
Get-AzAccessToken: [AccessTokenAuthenticator] failed to retrieve access token for resource 'https://management.azure.com/';. Please ensure that you have provided the appropriate access tokens when using access token login.