az login with WAM fails for different cloud environment #26565

@markstensgaard

Description

Describe the bug

After following the suggestion to opt into using WAM early, I am unable to successfully log into my account in the "AzureChinaCloud" environment. I am successfully able to log into my account in the "AzureCloud" environment. I was not able to fix it with anything mentioned in the error text's link "https://aka.ms/redirectUriMismatchError".

After disabling WAM (az config set core.allow_broker=false), I can successfully log into both accounts again.

Related command

// The next three commands were suggested in the browser window after logging in when using a recent version of AzCLI:
az config set core.allow_broker=true
az account clear
az login

// Works fine for default "AzureCloud" environment

az cloud set --name "AzureChinaCloud"
az login

// Get error with this after entering password and authenticating with Authenticator app

Errors

Request Id: fac76191-83d5-4741-98d7-6b0ef5100501
Correlation Id: cc38267c-b874-4299-ac06-37a07c8e2265
Timestamp: 2023-05-30T12:51:37Z
Message: AADSTS50011: The redirect URI 'ms-appx-web://Microsoft.AAD.BrokerPlugin/04b07795-8ddb-461a-bbee-02f9e1bf7b46' specified in the request does not match the redirect URIs configured for the application '04b07795-8ddb-461a-bbee-02f9e1bf7b46'. Make sure the redirect URI sent in the request matches one added to your application in the Azure portal. Navigate to https://aka.ms/redirectUriMismatchError to learn more about how to fix this.

Issue script & Debug output

C:\Users\xxxxxx>az login --debug
cli.knack.cli: Command arguments: ['login', '--debug']
cli.knack.cli: init debug log:
Enable color in terminal.
Enable VT mode.
cli.knack.cli: Event: Cli.PreExecute []
cli.knack.cli: Event: CommandParser.OnGlobalArgumentsCreate [<function CLILogging.on_global_arguments at 0x01C9A418>, <function OutputProducer.on_global_arguments at 0x01D69BB0>, <function CLIQuery.on_global_arguments at 0x01D88808>]
cli.knack.cli: Event: CommandInvoker.OnPreCommandTableCreate []
cli.azure.cli.core: Modules found from index for 'login': ['azure.cli.command_modules.profile']
cli.azure.cli.core: Loading command modules:
cli.azure.cli.core: Name Load Time Groups Commands
cli.azure.cli.core: profile 0.008 2 9
cli.azure.cli.core: Total (1) 0.008 2 9
cli.azure.cli.core: Loaded 2 groups, 9 commands.
cli.azure.cli.core: Found a match in the command table.
cli.azure.cli.core: Raw command : login
cli.azure.cli.core: Command table: login
cli.knack.cli: Event: CommandInvoker.OnPreCommandTableTruncate [<function AzCliLogging.init_command_file_logging at 0x0401A340>]
cli.azure.cli.core.azlogging: metadata file logging enabled - writing logs to 'C:\Users\xxxxxx\.azure\commands\2023-05-30.12-45-59.login.10524.log'.
az_command_data_logger: command args: login --debug
cli.knack.cli: Event: CommandInvoker.OnPreArgumentLoad [<function register_global_subscription_argument.<locals>.add_subscription_parameter at 0x04043418>]
cli.knack.cli: Event: CommandInvoker.OnPostArgumentLoad []
cli.knack.cli: Event: CommandInvoker.OnPostCommandTableCreate [<function register_ids_argument.<locals>.add_ids_arguments at 0x04051340>, <function register_cache_arguments.<locals>.add_cache_arguments at 0x04051538>]
cli.knack.cli: Event: CommandInvoker.OnCommandTableLoaded []
cli.knack.cli: Event: CommandInvoker.OnPreParseArgs []
cli.knack.cli: Event: CommandInvoker.OnPostParseArgs [<function OutputProducer.handle_output_argument at 0x01D69BF8>, <function CLIQuery.handle_query_parameter at 0x01D88850>, <function register_ids_argument.<locals>.parse_ids_arguments at 0x040514F0>]
cli.azure.cli.core.auth.persistence: build_persistence: location='C:\Users\xxxxxx\.azure\msal_token_cache.bin', encrypt=True
cli.azure.cli.core.auth.binary_cache: load: C:\Users\xxxxxx\.azure\msal_http_cache.bin
urllib3.util.retry: Converted retries value: 1 -> Retry(total=1, connect=None, read=None, redirect=None, status=None)
msal.authority: openid_config = {'token_endpoint': 'https://login.chinacloudapi.cn/organizations/oauth2/v2.0/token', 'token_endpoint_auth_methods_supported': ['client_secret_post', 'private_key_jwt', 'client_secret_basic'], 'jwks_uri': 'https://login.chinacloudapi.cn/organizations/discovery/v2.0/keys', 'response_modes_supported': ['query', 'fragment', 'form_post'], 'subject_types_supported': ['pairwise'], 'id_token_signing_alg_values_supported': ['RS256'], 'response_types_supported': ['code', 'id_token', 'code id_token', 'id_token token'], 'scopes_supported': ['openid', 'profile', 'email', 'offline_access'], 'issuer': 'https://login.partner.microsoftonline.cn/{tenantid}/v2.0', 'request_uri_parameter_supported': False, 'userinfo_endpoint': 'https://microsoftgraph.chinacloudapi.cn/oidc/userinfo', 'authorization_endpoint': 'https://login.chinacloudapi.cn/organizations/oauth2/v2.0/authorize', 'device_authorization_endpoint': 'https://login.chinacloudapi.cn/organizations/oauth2/v2.0/devicecode', 'http_logout_supported': True, 'frontchannel_logout_supported': True, 'end_session_endpoint': 'https://login.chinacloudapi.cn/organizations/oauth2/v2.0/logout', 'claims_supported': ['sub', 'iss', 'cloud_instance_name', 'cloud_instance_host_name', 'cloud_graph_host_name', 'msgraph_host', 'aud', 'exp', 'iat', 'auth_time', 'acr', 'nonce', 'preferred_username', 'name', 'tid', 'ver', 'at_hash', 'c_hash', 'email'], 'kerberos_endpoint': 'https://login.chinacloudapi.cn/organizations/kerberos', 'tenant_region_scope': None, 'cloud_instance_name': 'partner.microsoftonline.cn', 'cloud_graph_host_name': 'graph.chinacloudapi.cn', 'msgraph_host': 'microsoftgraph.chinacloudapi.cn', 'rbac_url': 'https://pas.chinacloudapi.cn'}
msal.application: Broker enabled? True
msal.application: Falls back to broker._signin_interactively()
cli.azure.cli.core.auth.identity: Please select the account you want to log in with.
msal.broker: [MSAL:0001] INFO SetCorrelationId:220 Set correlation ID: fa93c4cf-3fde-4ac2-b2b0-d42cd3ff7553
msal.broker: [MSAL:0001] INFO ExecuteInteractiveRequest:738 The original authority is 'https://login.chinacloudapi.cn/organizations'
msal.broker: [MSAL:0001] WARNING TryNormalizeRealm:2219 No HomeAccountId provided to normalize the realm
msal.broker: [MSAL:0001] INFO ExecuteInteractiveRequest:749 The normalized realm is ''
msal.broker: [MSAL:0001] INFO ModifyAndValidateAuthParameters:182 Additional query parameter added successfully. Key: '(pii)' Value: '(pii)'
msal.broker: [MSAL:0001] INFO ModifyAndValidateAuthParameters:182 Additional query parameter added successfully. Key: '(pii)' Value: '(pii)'
msal.broker: [MSAL:0001] INFO ModifyAndValidateAuthParameters:199 Authority Realm: organizations
msal.broker: [MSAL:0002] WARNING TryReadUniversalStorage:638 Attempted to read cache with a non-normalized realm, access token and ID token reads will fail
msal.broker: [MSAL:0002] WARNING ReadAccountById:225 Account id is empty - account not found
msal.broker: [MSAL:0003] INFO ErrorInternalImpl:116 Created an error: 9zeuv, StatusInternal::UserCanceled, InternalEvent::None, Context 'User canceled the flow'
msal.broker: [MSAL:0003] INFO LogTelemetryData:332 Printing Telemetry for Correlation ID: fa93c4cf-3fde-4ac2-b2b0-d42cd3ff7553
msal.broker: [MSAL:0003] INFO LogTelemetryData:340 Key: start_time, Value: 2023-05-30T12:45:59.000Z
msal.broker: [MSAL:0003] INFO LogTelemetryData:340 Key: api_name, Value: SignInInteractively
msal.broker: [MSAL:0003] INFO LogTelemetryData:340 Key: was_request_throttled, Value: false
msal.broker: [MSAL:0003] INFO LogTelemetryData:340 Key: request_duration, Value: 59680
msal.broker: [MSAL:0003] INFO LogTelemetryData:340 Key: authority_type, Value: Unknown
msal.broker: [MSAL:0003] INFO LogTelemetryData:340 Key: msal_version, Value: 1.1.0+local
msal.broker: [MSAL:0003] INFO LogTelemetryData:340 Key: client_id, Value: 04b07795-8ddb-461a-bbee-02f9e1bf7b46
msal.broker: [MSAL:0003] INFO LogTelemetryData:340 Key: correlation_id, Value: fa93c4cf-3fde-4ac2-b2b0-d42cd3ff7553
msal.broker: [MSAL:0003] INFO LogTelemetryData:340 Key: stop_time, Value: 2023-05-30T12:46:59.000Z
msal.broker: [MSAL:0003] INFO LogTelemetryData:340 Key: msalruntime_version, Value: 0.13.9
msal.broker: [MSAL:0003] INFO LogTelemetryData:340 Key: original_authority, Value: https://login.chinacloudapi.cn/organizations
msal.broker: [MSAL:0003] INFO LogTelemetryData:340 Key: request_eligible_for_broker, Value: true
msal.broker: [MSAL:0003] INFO LogTelemetryData:340 Key: broker_app_used, Value: false
msal.broker: [MSAL:0003] INFO LogTelemetryData:340 Key: ui_event_count, Value: 1
msal.broker: [MSAL:0003] INFO LogTelemetryData:340 Key: additional_query_parameters_count, Value: 2
msal.broker: [MSAL:0003] INFO LogTelemetryData:340 Key: read_token_last_error, Value: missing required parameter
msal.broker: [MSAL:0003] INFO LogTelemetryData:340 Key: authorization_type, Value: Interactive
msal.broker: [MSAL:0003] INFO LogTelemetryData:340 Key: api_error_code, Value: 0
msal.broker: [MSAL:0003] INFO LogTelemetryData:340 Key: api_error_tag, Value: 9zeuv
msal.broker: [MSAL:0003] INFO LogTelemetryData:340 Key: api_status_code, Value: StatusInternal::UserCanceled
msal.broker: [MSAL:0003] INFO LogTelemetryData:340 Key: api_error_context, Value: User canceled the flow
msal.broker: [MSAL:0003] INFO LogTelemetryData:340 Key: all_error_tags, Value: 9zeuv
msal.broker: [MSAL:0003] INFO LogTelemetryData:340 Key: is_successful, Value: false
msal.broker: [MSAL:0003] INFO LogTelemetryData:345 Printing Execution Flow:
msal.broker: [MSAL:0003] INFO LogTelemetryData:353 {"t":"646u1","tid":1,"ts":0,"l":2},{"t":"8dqim","tid":2,"ts":10,"l":2},{"t":"8dqkl","tid":1,"ts":11,"l":2,"a":9,"ie":0},{"t":"54uxe","tid":1,"ts":19,"l":2},{"t":"4wqm9","tid":3,"ts":3786,"l":2},{"t":"8dqkn","tid":3,"ts":59679,"l":2,"a":5,"ie":1},{"t":"8dqko","tid":3,"ts":59679,"l":2,"a":9,"ie":1},{"t":"646u1","tid":3,"ts":59679,"l":2}
cli.azure.cli.core.azclierror: Traceback (most recent call last):
File "D:\a\_work\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\knack/cli.py", line 233, in invoke
File "D:\a\_work\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\azure/cli/core/commands/__init__.py", line 663, in execute
File "D:\a\_work\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\azure/cli/core/commands/__init__.py", line 726, in _run_jobs_serially
File "D:\a\_work\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\azure/cli/core/commands/__init__.py", line 697, in _run_job
File "D:\a\_work\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\azure/cli/core/commands/__init__.py", line 333, in __call__
File "D:\a\_work\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\azure/cli/core/commands/command_operation.py", line 121, in handler
File "D:\a\_work\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\azure/cli/command_modules/profile/custom.py", line 139, in login
File "D:\a\_work\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\azure/cli/core/_profile.py", line 154, in login
File "D:\a\_work\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\azure/cli/core/auth/identity.py", line 159, in login_with_auth_code
File "D:\a\_work\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\azure/cli/core/auth/util.py", line 133, in check_result
File "D:\a\_work\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\azure/cli/core/auth/util.py", line 43, in aad_error_handler
azure.cli.core.azclierror.AuthenticationError: User canceled the flow. Status: Response_Status.Status_UserCanceled, Error code: 0, Tag: 593773845

{{{{{ NOTE: The error was reported in the login form, which locked the terminal until I manually closed the form, which is why it says "User canceled the flow." }}}}}

cli.azure.cli.core.azclierror: User canceled the flow. Status: Response_Status.Status_UserCanceled, Error code: 0, Tag: 593773845
az_command_data_logger: User canceled the flow. Status: Response_Status.Status_UserCanceled, Error code: 0, Tag: 593773845
Please explicitly log in with:
az login
cli.knack.cli: Event: Cli.PostExecute [<function AzCliLogging.deinit_cmd_metadata_logging at 0x0401A460>]
az_command_data_logger: exit code: 1
cli.main: Command ran in 60.930 seconds (init: 0.688, invoke: 60.242)
telemetry.main: Begin splitting cli events and extra events, total events: 1
telemetry.client: Accumulated 0 events. Flush the clients.
telemetry.main: Finish splitting cli events and extra events, cli events: 1
telemetry.save: Save telemetry record of length 3301 in cache
telemetry.check: Negative: The C:\Users\xxxxxx\.azure\telemetry.txt was modified at 2023-05-30 12:37:20.390702, which in less than 600.000000 s

Expected behavior

Successfully log into Azure account in "AzureChinaCloud" environment

Environment Summary

azure-cli 2.49.0

core 2.49.0
telemetry 1.0.8

Dependencies:
msal 1.20.0
azure-mgmt-resource 22.0.0

Python location 'C:\Program Files (x86)\Microsoft SDKs\Azure\CLI2\python.exe'
Extensions directory 'C:\Users\xxxxxx\.azure\cliextensions'

Python (Windows) 3.10.10 (tags/v3.10.10:aad5f6a, Feb 7 2023, 17:05:00) [MSC v.1929 32 bit (Intel)]

Legal docs and information: aka.ms/AzureCliLegal

Your CLI is up-to-date.

Additional context

This error has been replicated on several computers, with AzCLI versions 2.47 through 2.49.

All forms of authentication (Authenticator app, device code, and SMS) give the same error.
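
A small triage helper, added here and not part of the issue or of Azure CLI itself, that pulls the MSAL broker telemetry out of the az login --debug output shown above and the AADSTS fields out of the login-form message; the sample lines are copied from this report, and the function names and the regular expressions are my own.

```python
import re

# Constructed sample: telemetry lines copied from the issue's `az login --debug` output,
# plus the AADSTS message the report says was shown in the login form, not in the log.
SAMPLE_DEBUG_LOG = """\
msal.broker: [MSAL:0003] INFO LogTelemetryData:340 Key: client_id, Value: 04b07795-8ddb-461a-bbee-02f9e1bf7b46
msal.broker: [MSAL:0003] INFO LogTelemetryData:340 Key: original_authority, Value: https://login.chinacloudapi.cn/organizations
msal.broker: [MSAL:0003] INFO LogTelemetryData:340 Key: request_eligible_for_broker, Value: true
msal.broker: [MSAL:0003] INFO LogTelemetryData:340 Key: broker_app_used, Value: false
msal.broker: [MSAL:0003] INFO LogTelemetryData:340 Key: api_status_code, Value: StatusInternal::UserCanceled
"""
SAMPLE_FORM_ERROR = (
    "AADSTS50011: The redirect URI 'ms-appx-web://Microsoft.AAD.BrokerPlugin/"
    "04b07795-8ddb-461a-bbee-02f9e1bf7b46' specified in the request does not match the "
    "redirect URIs configured for the application '04b07795-8ddb-461a-bbee-02f9e1bf7b46'."
)

TELEMETRY_RE = re.compile(r"^msal\.broker: .*LogTelemetryData:\d+ Key: (\w+), Value: (.*)$")
AADSTS_RE = re.compile(r"(AADSTS\d+): .*redirect URI '([^']+)'.*application '([^']+)'")

def parse_broker_telemetry(log_text):
    """Collect the Key/Value pairs the MSAL broker prints at the end of an interactive request."""
    telemetry = {}
    for line in log_text.splitlines():
        m = TELEMETRY_RE.match(line)
        if m:
            telemetry[m.group(1)] = m.group(2).strip()
    return telemetry

def parse_aadsts_error(text):
    """Extract the AADSTS code, requested redirect URI and application id from the form message."""
    m = AADSTS_RE.search(text)
    if not m:
        return None
    return {"code": m.group(1), "redirect_uri": m.group(2), "app_id": m.group(3)}

def triage(log_text, form_error):
    """Combine both sources into the facts worth quoting in a report or matching in a detection rule."""
    t = parse_broker_telemetry(log_text)
    err = parse_aadsts_error(form_error)
    return {
        "authority": t.get("original_authority"),
        "broker_eligible": t.get("request_eligible_for_broker") == "true",
        "broker_app_used": t.get("broker_app_used") == "true",
        "status": t.get("api_status_code"),
        "aadsts_code": err["code"] if err else None,
        # True when the GUID ending the ms-appx-web:// URI is the app the request named: the
        # complaint is then about the URI registered for this authority, not a wrong client id.
        "redirect_uri_names_same_app": bool(err) and err["redirect_uri"].rsplit("/", 1)[-1] == err["app_id"],
    }
```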

Labels

AAD
ARM: az resource/group/lock/tag/deployment/policy/managementapp/account management-group
Account: az login/account
Auto-Assign: Auto assign by bot
Broker: Issues from broker (currently WAM on Windows. More on other platforms are coming.)
Configure: az configure/config
Graph: az ad (doesn't work with label-triggered comments; use Graph.Microsoft instead)
Service Attention: This issue is responsible by Azure service team.
act-codegen-extensibility-squad
act-identity-squad
customer-reported: Issues that are reported by GitHub users external to the Azure organization.
feature-request