You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Is your feature request related to a problem? Please describe. az login supports Resource Owner Password Credentials (ROPC) flow, which is also known as username password flow:
Microsoft recommends you do not use the ROPC flow. In most scenarios, more secure alternatives are available and recommended. This flow requires a very high degree of trust in the application, and carries risks that are not present in other flows. You should only use this flow when other more secure flows aren't viable.
There are also some recent changes:
We are enforcing MFA on our test tenant.
We are investigating enforcing MFA on client tools' first party applications, including Azure CLI and Azure PowerShell.
Related command
az loginIs your feature request related to a problem? Please describe.
az loginsupports Resource Owner Password Credentials (ROPC) flow, which is also known as username password flow:ROPC flow is not a recommended flow (https://learn.microsoft.com/en-us/entra/identity-platform/v2-oauth-ropc):
Warning
Microsoft recommends you do not use the ROPC flow. In most scenarios, more secure alternatives are available and recommended. This flow requires a very high degree of trust in the application, and carries risks that are not present in other flows. You should only use this flow when other more secure flows aren't viable.
There are also some recent changes:
Describe the solution you'd like
ROPC flow inherently doesn't work with MFA (https://learn.microsoft.com/en-us/entra/identity-platform/v2-oauth-ropc):
Important
As we are broadening the scope of MFA enforcement, we should consider deprecating and removing ROPC flow support.