[Error] Cannot run `az login` after previously-linked tenant deleted

[b-c-lucas]

Describe the bug

Command Name
az login

Errors:

The command failed with an unexpected error. Here is the traceback:
Unable to get authority configuration for https://login.microsoftonline.com/ead3d64d-0738-4578-8de0-d119a2a7d398. Authority would typically be in a format of https://login.microsoftonline.com/your_tenant_name
Traceback (most recent call last):
  File "/home/linuxbrew/.linuxbrew/Cellar/azure-cli/2.34.1/libexec/lib/python3.10/site-packages/msal/authority.py", line 83, in __init__
    openid_config = tenant_discovery(
  File "/home/linuxbrew/.linuxbrew/Cellar/azure-cli/2.34.1/libexec/lib/python3.10/site-packages/msal/authority.py", line 151, in tenant_discovery
    raise ValueError("OIDC Discovery endpoint rejects our request")
ValueError: OIDC Discovery endpoint rejects our request

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "/home/linuxbrew/.linuxbrew/Cellar/azure-cli/2.34.1/libexec/lib/python3.10/site-packages/knack/cli.py", line 231, in invoke
    cmd_result = self.invocation.execute(args)
  File "/home/linuxbrew/.linuxbrew/Cellar/azure-cli/2.34.1/libexec/lib/python3.10/site-packages/azure/cli/core/commands/__init__.py", line 658, in execute
    raise ex
  File "/home/linuxbrew/.linuxbrew/Cellar/azure-cli/2.34.1/libexec/lib/python3.10/site-packages/azure/cli/core/commands/__init__.py", line 721, in _run_jobs_serially
    results.append(self._run_job(expanded_arg, cmd_copy))
  File "/home/linuxbrew/.linuxbrew/Cellar/azure-cli/2.34.1/libexec/lib/python3.10/site-packages/azure/cli/core/commands/__init__.py", line 692, in _run_job
    result = cmd_copy(params)
  File "/home/linuxbrew/.linuxbrew/Cellar/azure-cli/2.34.1/libexec/lib/python3.10/site-packages/azure/cli/core/commands/__init__.py", line 328, in __call__
    return self.handler(*args, **kwargs)
  File "/home/linuxbrew/.linuxbrew/Cellar/azure-cli/2.34.1/libexec/lib/python3.10/site-packages/azure/cli/core/commands/command_operation.py", line 121, in handler
    return op(**command_args)
  File "/home/linuxbrew/.linuxbrew/Cellar/azure-cli/2.34.1/libexec/lib/python3.10/site-packages/azure/cli/command_modules/profile/custom.py", line 139, in login
    subscriptions = profile.login(
  File "/home/linuxbrew/.linuxbrew/Cellar/azure-cli/2.34.1/libexec/lib/python3.10/site-packages/azure/cli/core/_profile.py", line 177, in login
    subscriptions = subscription_finder.find_using_common_tenant(username, credential)
  File "/home/linuxbrew/.linuxbrew/Cellar/azure-cli/2.34.1/libexec/lib/python3.10/site-packages/azure/cli/core/_profile.py", line 746, in find_using_common_tenant
    specific_tenant_credential = identity.get_user_credential(username)
  File "/home/linuxbrew/.linuxbrew/Cellar/azure-cli/2.34.1/libexec/lib/python3.10/site-packages/azure/cli/core/auth/identity.py", line 233, in get_user_credential
    return UserCredential(self.client_id, username, **self._msal_app_kwargs)
  File "/home/linuxbrew/.linuxbrew/Cellar/azure-cli/2.34.1/libexec/lib/python3.10/site-packages/azure/cli/core/auth/msal_authentication.py", line 39, in __init__
    super().__init__(client_id, **kwargs)
  File "/home/linuxbrew/.linuxbrew/Cellar/azure-cli/2.34.1/libexec/lib/python3.10/site-packages/msal/application.py", line 1466, in __init__
    super(PublicClientApplication, self).__init__(
  File "/home/linuxbrew/.linuxbrew/Cellar/azure-cli/2.34.1/libexec/lib/python3.10/site-packages/msal/application.py", line 438, in __init__
    self.authority = Authority(
  File "/home/linuxbrew/.linuxbrew/Cellar/azure-cli/2.34.1/libexec/lib/python3.10/site-packages/msal/authority.py", line 87, in __init__
    raise ValueError(
ValueError: Unable to get authority configuration for https://login.microsoftonline.com/ead3d64d-0738-4578-8de0-d119a2a7d398. Authority would typically be in a format of https://login.microsoftonline.com/your_tenant_name

To Reproduce:

Steps to reproduce the behavior. Note that argument values have been redacted, as they may contain sensitive information.

• az login

Expected Behavior

Environment Summary

Linux-5.10.93.2-microsoft-standard-WSL2-x86_64-with-glibc2.34, Ubuntu 21.10
Python 3.10.2
Installer: HOMEBREW

azure-cli 2.34.1

Additional Context

I believe something is pulling in membership from a tenant that no longer exists.

Over the past few weeks I have performed the following actions:

• Created additional, separate tenant ead3d64d-0738-4578-8de0-d119a2a7d398
• Invited this login as an External Identity within ead3d64d-0738-4578-8de0-d119a2a7d398
• User for External Identity deleted within ead3d64d-0738-4578-8de0-d119a2a7d398
• Tenant ead3d64d-0738-4578-8de0-d119a2a7d398 deleted

[yonzhan]

@jiasli for awareness

[b-c-lucas]

I ended up needing to go through Azure support to get resolved here.

Anyone who comes across this in the future: I was able to get unblocked by ignoring the diagnostic message and used az login --use-device-code, which seemed to force-clear my CLI's cache (even though that's not documented anywhere I could find).