[Az.Accounts] `Connect-AzAccount` - Reused Port/Double Auth Error

[elliot-huffman]

Description

When running multiple Connect-AzAccount in a short time, the first one works, and the second one gets the original's auth code and errors out because the original browser tab is still open from the original Entra Auth redirect.

This happens even if Disconnect-AzAccount is called after the first auth cmdlet.
This can be fixed by having the port number randomized like how the rest of MSAL implementations do it. So that when the second web browser tab goes for auth, the return URL is not the same port as the first one and the server isn't listening to the same port as the first cmdlet was. Which will prevent the first tab authenticating to the second instance, which was not closed from the original authentication.

This would also fix issues with environments that may be using that port (I am not affected by this, just something else that may be fixed if this issue is resolved).

This is the port number that is currently hard coded:
8400

Lines:

src/Accounts/Authenticators/InteractiveUserAuthenticator.cs

src/Accounts/Accounts.Test/LoginCmdletTests.cs

Proposed Fix:

instead of hard coding 8400, use 0, which will find a "random" available port and use that.
See here for the .Net API constructor used to get the random port:
https://learn.microsoft.com/en-us/dotnet/api/system.net.sockets.tcplistener.-ctor?view=net-8.0#system-net-sockets-tcplistener-ctor(system-net-ipaddress-system-int32)

Example code that can reproduce this issue:
Connect-AzAccount ; Connect-AzAccount

Issue script & Debug output

PS> Connect-AzAccount ; Connect-AzAccount

===Returns from intial cmdlet truncated as hit max comment size===

DEBUG: 9:24:26 AM - [ConfigManager] Got nothing from [DisplayRegionIdentified], Module = [], Cmdlet = []. Returning default value [True].
DEBUG: 9:24:26 AM - [ConfigManager] Got nothing from [CheckForUpgrade], Module = [], Cmdlet = []. Returning default value [True].
DEBUG: AzureQoSEvent:  Module: Az.Accounts:2.13.2; CommandName: Connect-AzAccount; PSVersion: 7.4.0; IsSuccess: True; Duration: 00:00:06.7106677
DEBUG: 9:24:26 AM - [ConfigManager] Got nothing from [EnableDataCollection], Module = [], Cmdlet = []. Returning default value [True].
DEBUG: 9:24:26 AM - ConnectAzureRmAccountCommand end processing.
DEBUG: 9:24:26 AM - ConnectAzureRmAccountCommand begin processing with ParameterSet 'UserWithSubscriptionId'.
DEBUG: 9:24:26 AM - [ConfigManager] Got nothing from [DisplayBreakingChangeWarning], Module = [], Cmdlet = []. Returning default value [True].
DEBUG: 9:24:26 AM - [ConfigManager] Got nothing from [DefaultSubscriptionForLogin], Module = [], Cmdlet = []. Returning default value [].
DEBUG: 9:24:26 AM - Autosave setting from startup session: 'CurrentUser'
DEBUG: 9:24:26 AM - No autosave setting detected in environment variable 'AzContextAutoSave'.
DEBUG: 9:24:26 AM - Using Autosave scope 'CurrentUser'
DEBUG: 9:24:26 AM - [InteractiveUserAuthenticator] Calling InteractiveBrowserCredential.AuthenticateAsync with TenantId:'', Scopes:'https://management.core.windows.net//.default', AuthorityHost:'https://login.microsoftonline.com/', RedirectUri:'http://localhost:8400/'
DEBUG: InteractiveBrowserCredential.Authenticate invoked. Scopes: [ https://management.core.windows.net//.default ] ParentRequestId:
DEBUG: Executing interactive authentication workflow inline.
DEBUG: False MSAL 4.49.1.0 MSAL.NetCore .NET 8.0.0 Microsoft Windows 10.0.22631 [2023-12-11 14:24:26Z - 38f71262-ec6f-4801-90c5-4f63c061d0f3] MSAL MSAL.NetCore with assembly version '4.49.1.0'. CorrelationId(38f71262-ec6f-4801-90c5-4f63c061d0f3)
DEBUG: False MSAL 4.49.1.0 MSAL.NetCore .NET 8.0.0 Microsoft Windows 10.0.22631 [2023-12-11 14:24:26Z - 38f71262-ec6f-4801-90c5-4f63c061d0f3] === InteractiveParameters Data ===
LoginHint provided: False
User provided: False
UseEmbeddedWebView: NotSpecified
ExtraScopesToConsent:
Prompt: select_account
HasCustomWebUi: False

DEBUG: False MSAL 4.49.1.0 MSAL.NetCore .NET 8.0.0 Microsoft Windows 10.0.22631 [2023-12-11 14:24:26Z - 38f71262-ec6f-4801-90c5-4f63c061d0f3]
=== Request Data ===
Authority Provided? - True
Scopes - https://management.core.windows.net//.default
Extra Query Params Keys (space separated) -
ApiId - AcquireTokenInteractive
IsConfidentialClient - False
SendX5C - False
LoginHint ? False
IsBrokerConfigured - False
HomeAccountId - False
CorrelationId - 38f71262-ec6f-4801-90c5-4f63c061d0f3
UserAssertion set: False
LongRunningOboCacheKey set: False
Region configured:

DEBUG: False MSAL 4.49.1.0 MSAL.NetCore .NET 8.0.0 Microsoft Windows 10.0.22631 [2023-12-11 14:24:26Z - 38f71262-ec6f-4801-90c5-4f63c061d0f3] === Token Acquisition (InteractiveRequest) started:
         Scopes: https://management.core.windows.net//.default
        Authority Host: login.microsoftonline.com
DEBUG: False MSAL 4.49.1.0 MSAL.NetCore .NET 8.0.0 Microsoft Windows 10.0.22631 [2023-12-11 14:24:26Z - 38f71262-ec6f-4801-90c5-4f63c061d0f3] [Instance Discovery] Instance discovery is enabled and will be performed
DEBUG: False MSAL 4.49.1.0 MSAL.NetCore .NET 8.0.0 Microsoft Windows 10.0.22631 [2023-12-11 14:24:26Z - 38f71262-ec6f-4801-90c5-4f63c061d0f3] [Region discovery] Not using a regional authority.
DEBUG: False MSAL 4.49.1.0 MSAL.NetCore .NET 8.0.0 Microsoft Windows 10.0.22631 [2023-12-11 14:24:26Z - 38f71262-ec6f-4801-90c5-4f63c061d0f3] Using system browser.
DEBUG: False MSAL 4.49.1.0 MSAL.NetCore .NET 8.0.0 Microsoft Windows 10.0.22631 [2023-12-11 14:24:26Z - 38f71262-ec6f-4801-90c5-4f63c061d0f3] Listening for authorization code on http://localhost:8400/
DEBUG: False MSAL 4.49.1.0 MSAL.NetCore .NET 8.0.0 Microsoft Windows 10.0.22631 [2023-12-11 14:24:27Z - 38f71262-ec6f-4801-90c5-4f63c061d0f3] Default OS Browser intercepted an Uri with an error: authentication_failed The authorization server returned an invalid response.
DEBUG: False MSAL 4.49.1.0 MSAL.NetCore .NET 8.0.0 Microsoft Windows 10.0.22631 [2023-12-11 14:24:27Z - 38f71262-ec6f-4801-90c5-4f63c061d0f3] Processing a response message to the browser. HttpStatus:OK
DEBUG: False MSAL 4.49.1.0 MSAL.NetCore .NET 8.0.0 Microsoft Windows 10.0.22631 [2023-12-11 14:24:27Z - 38f71262-ec6f-4801-90c5-4f63c061d0f3] Exception type: Microsoft.Identity.Client.MsalClientException
, ErrorCode: loopback_response_uri_mismatch

   at Microsoft.Identity.Client.Platforms.Shared.Desktop.OsBrowser.DefaultOsBrowserWebUi.AcquireAuthorizationAsync(Uri authorizationUri, Uri redirectUri, RequestContext requestContext, CancellationToken cancellationToken)
   at Microsoft.Identity.Client.Internal.AuthCodeRequestComponent.FetchAuthCodeAndPkceInternalAsync(IWebUI webUi, CancellationToken cancellationToken)
   at Microsoft.Identity.Client.Internal.AuthCodeRequestComponent.FetchAuthCodeAndPkceVerifierAsync(CancellationToken cancellationToken)
   at Microsoft.Identity.Client.Internal.Requests.InteractiveRequest.GetTokenResponseAsync(CancellationToken cancellationToken)
   at Microsoft.Identity.Client.Internal.Requests.InteractiveRequest.ExecuteAsync(CancellationToken cancellationToken)
   at Microsoft.Identity.Client.Internal.Requests.RequestBase.RunAsync(CancellationToken cancellationToken)
DEBUG: InteractiveBrowserCredential.Authenticate was unable to retrieve an access token. Scopes: [ https://management.core.windows.net//.default ] ParentRequestId:  Exception: Azure.Identity.AuthenticationFailedException (0x80131500): InteractiveBrowserCredential authentication failed: Redirect Uri mismatch.  Expected (/favicon.ico) Actual (/).
 ---> Microsoft.Identity.Client.MsalClientException (0x80131500): Redirect Uri mismatch.  Expected (/favicon.ico) Actual (/).
WARNING: Unable to acquire token for tenant 'organizations' with error 'InteractiveBrowserCredential authentication failed: Redirect Uri mismatch.  Expected (/favicon.ico) Actual (/). '
DEBUG: 9:24:27 AM - Unable to acquire token for tenant 'organizations' with error 'Azure.Identity.AuthenticationFailedException: InteractiveBrowserCredential authentication failed: Redirect Uri mismatch.  Expected (/favicon.ico) Actual (/).
 ---> MSAL.NetCore.4.49.1.0.MsalClientException:
        ErrorCode: loopback_response_uri_mismatch
Microsoft.Identity.Client.MsalClientException: Redirect Uri mismatch.  Expected (/favicon.ico) Actual (/).
   at Microsoft.Identity.Client.Platforms.Shared.Desktop.OsBrowser.DefaultOsBrowserWebUi.AcquireAuthorizationAsync(Uri authorizationUri, Uri redirectUri, RequestContext requestContext, CancellationToken cancellationToken)
   at Microsoft.Identity.Client.Internal.AuthCodeRequestComponent.FetchAuthCodeAndPkceInternalAsync(IWebUI webUi, CancellationToken cancellationToken)
   at Microsoft.Identity.Client.Internal.AuthCodeRequestComponent.FetchAuthCodeAndPkceVerifierAsync(CancellationToken cancellationToken)
   at Microsoft.Identity.Client.Internal.Requests.InteractiveRequest.GetTokenResponseAsync(CancellationToken cancellationToken)
   at Microsoft.Identity.Client.Internal.Requests.InteractiveRequest.ExecuteAsync(CancellationToken cancellationToken)
   at Microsoft.Identity.Client.Internal.Requests.RequestBase.RunAsync(CancellationToken cancellationToken)
   at Microsoft.Identity.Client.ApiConfig.Executors.PublicClientExecutor.ExecuteAsync(AcquireTokenCommonParameters commonParameters, AcquireTokenInteractiveParameters interactiveParameters, CancellationToken cancellationToken)
   at Azure.Identity.AbstractAcquireTokenParameterBuilderExtensions.ExecuteAsync[T](AbstractAcquireTokenParameterBuilder`1 builder, Boolean async, CancellationToken cancellationToken)
   at Azure.Identity.MsalPublicClient.AcquireTokenInteractiveCoreAsync(String[] scopes, String claims, Prompt prompt, String loginHint, String tenantId, Boolean async, CancellationToken cancellationToken)
   at Azure.Identity.MsalPublicClient.AcquireTokenInteractiveAsync(String[] scopes, String claims, Prompt prompt, String loginHint, String tenantId, Boolean async, CancellationToken cancellationToken)
   at Azure.Identity.InteractiveBrowserCredential.GetTokenViaBrowserLoginAsync(TokenRequestContext context, Boolean async, CancellationToken cancellationToken)
   at Azure.Identity.InteractiveBrowserCredential.AuthenticateImplAsync(Boolean async, TokenRequestContext requestContext, CancellationToken cancellationToken)
   --- End of inner exception stack trace ---
   at Azure.Identity.CredentialDiagnosticScope.FailWrapAndThrow(Exception ex, String additionalMessage)
   at Azure.Identity.InteractiveBrowserCredential.AuthenticateImplAsync(Boolean async, TokenRequestContext requestContext, CancellationToken cancellationToken)
   at Azure.Identity.InteractiveBrowserCredential.AuthenticateAsync(TokenRequestContext requestContext, CancellationToken cancellationToken)
   at Microsoft.Azure.PowerShell.Authenticators.MsalAccessToken.GetAccessTokenAsync(Task`1 authTask, TokenCredential tokenCredential, TokenRequestContext requestContext, CancellationToken cancellationToken)
   at Microsoft.Azure.Commands.Common.Authentication.Factories.AuthenticationFactory.Authenticate(IAzureAccount account, IAzureEnvironment environment, String tenant, SecureString password, String promptBehavior, Action`1 promptAction, IAzureTokenCache tokenCache, String resourceId)
   at Microsoft.Azure.Commands.ResourceManager.Common.RMProfileClient.AcquireAccessToken(IAzureAccount account, IAzureEnvironment environment, String tenantId, SecureString password, String promptBehavior, Action`1 promptAction, String resourceId)
   at Microsoft.Azure.Commands.ResourceManager.Common.RMProfileClient.ListAccountTenants(IAzureAccount account, IAzureEnvironment environment, SecureString password, String promptBehavior, Action`1 promptAction)'
WARNING: Please run 'Connect-AzAccount -DeviceCode' if browser is not supported in this session.
DEBUG: Azure.Identity.AuthenticationFailedException: InteractiveBrowserCredential authentication failed: Redirect Uri mismatch.  Expected (/favicon.ico) Actual (/).
 ---> MSAL.NetCore.4.49.1.0.MsalClientException:
        ErrorCode: loopback_response_uri_mismatch
Microsoft.Identity.Client.MsalClientException: Redirect Uri mismatch.  Expected (/favicon.ico) Actual (/).
   at Microsoft.Identity.Client.Platforms.Shared.Desktop.OsBrowser.DefaultOsBrowserWebUi.AcquireAuthorizationAsync(Uri authorizationUri, Uri redirectUri, RequestContext requestContext, CancellationToken cancellationToken)
   at Microsoft.Identity.Client.Internal.AuthCodeRequestComponent.FetchAuthCodeAndPkceInternalAsync(IWebUI webUi, CancellationToken cancellationToken)
   at Microsoft.Identity.Client.Internal.AuthCodeRequestComponent.FetchAuthCodeAndPkceVerifierAsync(CancellationToken cancellationToken)
   at Microsoft.Identity.Client.Internal.Requests.InteractiveRequest.GetTokenResponseAsync(CancellationToken cancellationToken)
   at Microsoft.Identity.Client.Internal.Requests.InteractiveRequest.ExecuteAsync(CancellationToken cancellationToken)
   at Microsoft.Identity.Client.Internal.Requests.RequestBase.RunAsync(CancellationToken cancellationToken)
   at Microsoft.Identity.Client.ApiConfig.Executors.PublicClientExecutor.ExecuteAsync(AcquireTokenCommonParameters commonParameters, AcquireTokenInteractiveParameters interactiveParameters, CancellationToken cancellationToken)
   at Azure.Identity.AbstractAcquireTokenParameterBuilderExtensions.ExecuteAsync[T](AbstractAcquireTokenParameterBuilder`1 builder, Boolean async, CancellationToken cancellationToken)
   at Azure.Identity.MsalPublicClient.AcquireTokenInteractiveCoreAsync(String[] scopes, String claims, Prompt prompt, String loginHint, String tenantId, Boolean async, CancellationToken cancellationToken)
   at Azure.Identity.MsalPublicClient.AcquireTokenInteractiveAsync(String[] scopes, String claims, Prompt prompt, String loginHint, String tenantId, Boolean async, CancellationToken cancellationToken)
   at Azure.Identity.InteractiveBrowserCredential.GetTokenViaBrowserLoginAsync(TokenRequestContext context, Boolean async, CancellationToken cancellationToken)
   at Azure.Identity.InteractiveBrowserCredential.AuthenticateImplAsync(Boolean async, TokenRequestContext requestContext, CancellationToken cancellationToken)
   --- End of inner exception stack trace ---
   at Azure.Identity.CredentialDiagnosticScope.FailWrapAndThrow(Exception ex, String additionalMessage)
   at Azure.Identity.InteractiveBrowserCredential.AuthenticateImplAsync(Boolean async, TokenRequestContext requestContext, CancellationToken cancellationToken)
   at Azure.Identity.InteractiveBrowserCredential.AuthenticateAsync(TokenRequestContext requestContext, CancellationToken cancellationToken)
   at Microsoft.Azure.PowerShell.Authenticators.MsalAccessToken.GetAccessTokenAsync(Task`1 authTask, TokenCredential tokenCredential, TokenRequestContext requestContext, CancellationToken cancellationToken)
   at Microsoft.Azure.Commands.Common.Authentication.Factories.AuthenticationFactory.Authenticate(IAzureAccount account, IAzureEnvironment environment, String tenant, SecureString password, String promptBehavior, Action`1 promptAction, IAzureTokenCache tokenCache, String resourceId)
   at Microsoft.Azure.Commands.ResourceManager.Common.RMProfileClient.AcquireAccessToken(IAzureAccount account, IAzureEnvironment environment, String tenantId, SecureString password, String promptBehavior, Action`1 promptAction, String resourceId)
   at Microsoft.Azure.Commands.ResourceManager.Common.RMProfileClient.ListAccountTenants(IAzureAccount account, IAzureEnvironment environment, SecureString password, String promptBehavior, Action`1 promptAction)
   at Microsoft.Azure.Commands.ResourceManager.Common.RMProfileClient.Login(IAzureAccount account, IAzureEnvironment environment, String tenantIdOrName, String subscriptionId, String subscriptionName, SecureString password, Boolean skipValidation, IOpenIDConfiguration openIDConfigDoc, Action`1 promptAction, String name, Boolean shouldPopulateContextList, Int32 maxContextPopulation, String authScope)
   at Microsoft.Azure.Commands.Profile.ConnectAzureRmAccountCommand.<>c__DisplayClass127_2.<ExecuteCmdlet>b__5()
   at System.Threading.Tasks.Task`1.InnerInvoke()
   at System.Threading.ExecutionContext.RunFromThreadPoolDispatchLoop(Thread threadPoolThread, ExecutionContext executionContext, ContextCallback callback, Object state)
--- End of stack trace from previous location ---
   at System.Threading.ExecutionContext.RunFromThreadPoolDispatchLoop(Thread threadPoolThread, ExecutionContext executionContext, ContextCallback callback, Object state)
   at System.Threading.Tasks.Task.ExecuteWithThreadLocal(Task& currentTaskSlot, Thread threadPoolThread)
--- End of stack trace from previous location ---
   at Microsoft.Azure.Commands.Profile.ConnectAzureRmAccountCommand.<>c__DisplayClass127_1.<ExecuteCmdlet>b__1(AzureRmProfile localProfile, RMProfileClient profileClient, String name)
DEBUG: 9:24:27 AM - [ConfigManager] Got nothing from [DisableErrorRecordsPersistence], Module = [], Cmdlet = []. Returning default value [False].
DEBUG: 9:24:27 AM - [ConfigManager] Got nothing from [EnableDataCollection], Module = [], Cmdlet = []. Returning default value [True].
Account            SubscriptionName TenantId                             Environment
-------            ---------------- --------                             -----------
user@example.com Production       REDACTED-TENANTID AzureCloud
Connect-AzAccount: InteractiveBrowserCredential authentication failed: Redirect Uri mismatch.  Expected (/favicon.ico) Actual (/).
DEBUG: 9:24:27 AM - [ConfigManager] Got nothing from [DisplayBreakingChangeWarning], Module = [], Cmdlet = []. Returning default value [True].
DEBUG: 9:24:27 AM - [ConfigManager] Got nothing from [DisplayRegionIdentified], Module = [], Cmdlet = []. Returning default value [True].
DEBUG: 9:24:27 AM - [ConfigManager] Got nothing from [CheckForUpgrade], Module = [], Cmdlet = []. Returning default value [True].
DEBUG: AzureQoSEvent:  Module: Az.Accounts:2.13.2; CommandName: Connect-AzAccount; PSVersion: 7.4.0; IsSuccess: False; Duration: 00:00:00.4563340; Exception: InteractiveBrowserCredential authentication failed: Redirect Uri mismatch.  Expected (/favicon.ico) Actual (/). ;
DEBUG: 9:24:27 AM - ConnectAzureRmAccountCommand end processing.

Environment data

Name                           Value
----                           -----
PSVersion                      7.4.0
PSEdition                      Core
GitCommitId                    7.4.0
OS                             Microsoft Windows 10.0.22631
Platform                       Win32NT
PSCompatibleVersions           {1.0, 2.0, 3.0, 4.0…}
PSRemotingProtocolVersion      2.3
SerializationVersion           1.1.0.1
WSManStackVersion              3.0

Module versions

ModuleType Version Name
---------- ------- ----
Script     11.1.0  Az
Script     2.13.2  Az.Accounts

Error output

DEBUG: 9:26:16 AM - ResolveError begin processing with ParameterSet 'AnyErrorParameterSet'.
DEBUG: 9:26:16 AM - using account id 'user@example.com'...
DEBUG: 9:26:16 AM - [ConfigManager] Got nothing from [DisplayBreakingChangeWarning], Module = [], Cmdlet = []. Returning default value [True].

   HistoryId: 8

Message        : InteractiveBrowserCredential authentication failed: Redirect Uri mismatch.  Expected (/favicon.ico) Actual (/).
StackTrace     :    at Azure.Identity.CredentialDiagnosticScope.FailWrapAndThrow(Exception ex, String additionalMessage)
                    at Azure.Identity.InteractiveBrowserCredential.AuthenticateImplAsync(Boolean async, TokenRequestContext requestContext, CancellationToken
                 cancellationToken)
                    at Azure.Identity.InteractiveBrowserCredential.AuthenticateAsync(TokenRequestContext requestContext, CancellationToken cancellationToken)
                    at Microsoft.Azure.PowerShell.Authenticators.MsalAccessToken.GetAccessTokenAsync(Task`1 authTask, TokenCredential tokenCredential,
                 TokenRequestContext requestContext, CancellationToken cancellationToken)
                    at Microsoft.Azure.Commands.Common.Authentication.Factories.AuthenticationFactory.Authenticate(IAzureAccount account, IAzureEnvironment
                 environment, String tenant, SecureString password, String promptBehavior, Action`1 promptAction, IAzureTokenCache tokenCache, String resourceId)
                    at Microsoft.Azure.Commands.ResourceManager.Common.RMProfileClient.AcquireAccessToken(IAzureAccount account, IAzureEnvironment environment,
                 String tenantId, SecureString password, String promptBehavior, Action`1 promptAction, String resourceId)
                    at Microsoft.Azure.Commands.ResourceManager.Common.RMProfileClient.ListAccountTenants(IAzureAccount account, IAzureEnvironment environment,
                 SecureString password, String promptBehavior, Action`1 promptAction)
                    at Microsoft.Azure.Commands.ResourceManager.Common.RMProfileClient.Login(IAzureAccount account, IAzureEnvironment environment, String
                 tenantIdOrName, String subscriptionId, String subscriptionName, SecureString password, Boolean skipValidation, IOpenIDConfiguration openIDConfigDoc,
                 Action`1 promptAction, String name, Boolean shouldPopulateContextList, Int32 maxContextPopulation, String authScope)
                    at Microsoft.Azure.Commands.Profile.ConnectAzureRmAccountCommand.<>c__DisplayClass127_2.<ExecuteCmdlet>b__5()
                    at System.Threading.Tasks.Task`1.InnerInvoke()
                    at System.Threading.ExecutionContext.RunFromThreadPoolDispatchLoop(Thread threadPoolThread, ExecutionContext executionContext, ContextCallback
                 callback, Object state)
                 --- End of stack trace from previous location ---
                    at System.Threading.ExecutionContext.RunFromThreadPoolDispatchLoop(Thread threadPoolThread, ExecutionContext executionContext, ContextCallback
                 callback, Object state)
                    at System.Threading.Tasks.Task.ExecuteWithThreadLocal(Task& currentTaskSlot, Thread threadPoolThread)
                 --- End of stack trace from previous location ---
                    at Microsoft.Azure.Commands.Profile.ConnectAzureRmAccountCommand.<>c__DisplayClass127_1.<ExecuteCmdlet>b__1(AzureRmProfile localProfile,
                 RMProfileClient profileClient, String name)
                    at Microsoft.Azure.Commands.Profile.ConnectAzureRmAccountCommand.<>c__DisplayClass136_0.<SetContextWithOverwritePrompt>b__0(AzureRmProfile prof,
                 RMProfileClient client)
                    at Microsoft.Azure.Commands.Profile.Common.AzureContextModificationCmdlet.ModifyContext(Action`2 contextAction)
                    at Microsoft.Azure.Commands.Profile.ConnectAzureRmAccountCommand.SetContextWithOverwritePrompt(Action`3 setContextAction)
                    at Microsoft.Azure.Commands.Profile.ConnectAzureRmAccountCommand.ExecuteCmdlet()
                    at Microsoft.WindowsAzure.Commands.Utilities.Common.CmdletExtensions.<>c__3`1.<ExecuteSynchronouslyOrAsJob>b__3_0(T c)
                    at Microsoft.WindowsAzure.Commands.Utilities.Common.CmdletExtensions.ExecuteSynchronouslyOrAsJob[T](T cmdlet, Action`1 executor)
                    at Microsoft.WindowsAzure.Commands.Utilities.Common.CmdletExtensions.ExecuteSynchronouslyOrAsJob[T](T cmdlet)
                    at Microsoft.WindowsAzure.Commands.Utilities.Common.AzurePSCmdlet.ProcessRecord()
Exception      : Azure.Identity.AuthenticationFailedException
InvocationInfo : {Connect-AzAccount}
Line           : Connect-AzAccount ; Connect-AzAccount
Position       : At line:1 char:21
                 + Connect-AzAccount ; Connect-AzAccount
                 +                     ~~~~~~~~~~~~~~~~~
HistoryId      : 8

Message        : Redirect Uri mismatch.  Expected (/favicon.ico) Actual (/).
StackTrace     :    at Microsoft.Identity.Client.Platforms.Shared.Desktop.OsBrowser.DefaultOsBrowserWebUi.AcquireAuthorizationAsync(Uri authorizationUri, Uri
                 redirectUri, RequestContext requestContext, CancellationToken cancellationToken)
                    at Microsoft.Identity.Client.Internal.AuthCodeRequestComponent.FetchAuthCodeAndPkceInternalAsync(IWebUI webUi, CancellationToken
                 cancellationToken)
                    at Microsoft.Identity.Client.Internal.AuthCodeRequestComponent.FetchAuthCodeAndPkceVerifierAsync(CancellationToken cancellationToken)
                    at Microsoft.Identity.Client.Internal.Requests.InteractiveRequest.GetTokenResponseAsync(CancellationToken cancellationToken)
                    at Microsoft.Identity.Client.Internal.Requests.InteractiveRequest.ExecuteAsync(CancellationToken cancellationToken)
                    at Microsoft.Identity.Client.Internal.Requests.RequestBase.RunAsync(CancellationToken cancellationToken)
                    at Microsoft.Identity.Client.ApiConfig.Executors.PublicClientExecutor.ExecuteAsync(AcquireTokenCommonParameters commonParameters,
                 AcquireTokenInteractiveParameters interactiveParameters, CancellationToken cancellationToken)
                    at Azure.Identity.AbstractAcquireTokenParameterBuilderExtensions.ExecuteAsync[T](AbstractAcquireTokenParameterBuilder`1 builder, Boolean async,
                 CancellationToken cancellationToken)
                    at Azure.Identity.MsalPublicClient.AcquireTokenInteractiveCoreAsync(String[] scopes, String claims, Prompt prompt, String loginHint, String
                 tenantId, Boolean async, CancellationToken cancellationToken)
                    at Azure.Identity.MsalPublicClient.AcquireTokenInteractiveAsync(String[] scopes, String claims, Prompt prompt, String loginHint, String tenantId,
                 Boolean async, CancellationToken cancellationToken)
                    at Azure.Identity.InteractiveBrowserCredential.GetTokenViaBrowserLoginAsync(TokenRequestContext context, Boolean async, CancellationToken
                 cancellationToken)
                    at Azure.Identity.InteractiveBrowserCredential.AuthenticateImplAsync(Boolean async, TokenRequestContext requestContext, CancellationToken
                 cancellationToken)
Exception      : Microsoft.Identity.Client.MsalClientException
InvocationInfo : {Connect-AzAccount}
Line           : Connect-AzAccount ; Connect-AzAccount
Position       : At line:1 char:21
                 + Connect-AzAccount ; Connect-AzAccount
                 +                     ~~~~~~~~~~~~~~~~~
HistoryId      : 8



DEBUG: 9:26:16 AM - [ConfigManager] Got nothing from [DisplayRegionIdentified], Module = [], Cmdlet = []. Returning default value [True].
DEBUG: 9:26:16 AM - [ConfigManager] Got nothing from [CheckForUpgrade], Module = [], Cmdlet = []. Returning default value [True].
DEBUG: AzureQoSEvent:  Module: Az.Accounts:2.13.2; CommandName: Resolve-AzError; PSVersion: 7.4.0; IsSuccess: True; Duration: 00:00:00.1141222
DEBUG: 9:26:16 AM - [ConfigManager] Got nothing from [EnableDataCollection], Module = [], Cmdlet = []. Returning default value [True].
DEBUG: 9:26:16 AM - ResolveError end processing.

[elliot-huffman]

PS> Connect-AzAccount ; Connect-AzAccount

Full debug logging of both cmdlets

DEBUG: Initializing ConditionalAssemblyContext. PSEdition is [Core]. PSVersion is [7.4.0].
DEBUG: Initializing ConditionalAssemblyProvider. AssemblyRootPath is [C:\Program Files\PowerShell\Modules\Az.Accounts\2.13.2\StartupScripts\..\lib].
DEBUG: Registering Az shared AssemblyLoadContext.
DEBUG: AssemblyLoadContext registered.
DEBUG: Got version 0 of Az
DEBUG: Got version 0 of Az.Accounts
DEBUG: 9:24:20 AM - ConnectAzureRmAccountCommand begin processing with ParameterSet 'UserWithSubscriptionId'.
DEBUG: 9:24:20 AM - [ConfigManager] Got nothing from [DisplayBreakingChangeWarning], Module = [], Cmdlet = []. Returning default value [True].
DEBUG: 9:24:20 AM - [ConfigManager] Got nothing from [DefaultSubscriptionForLogin], Module = [], Cmdlet = []. Returning default value [].
DEBUG: 9:24:20 AM - Autosave setting from startup session: 'CurrentUser'
DEBUG: 9:24:20 AM - No autosave setting detected in environment variable 'AzContextAutoSave'.
DEBUG: 9:24:20 AM - Using Autosave scope 'CurrentUser'
DEBUG: InteractiveBrowserCredential.Authenticate invoked. Scopes: [ https://management.core.windows.net//.default ] ParentRequestId:
DEBUG: False MSAL 4.49.1.0 MSAL.NetCore .NET 8.0.0 Microsoft Windows 10.0.22631 [2023-12-11 14:24:20Z - 0863d272-f14d-4de5-9dbf-e2b42c366334] MSAL MSAL.NetCore with assembly version '4.49.1.0'. CorrelationId(0863d272-f14d-4de5-9dbf-e2b42c366334)
DEBUG: False MSAL 4.49.1.0 MSAL.NetCore .NET 8.0.0 Microsoft Windows 10.0.22631 [2023-12-11 14:24:20Z - 0863d272-f14d-4de5-9dbf-e2b42c366334] === InteractiveParameters Data ===
LoginHint provided: False
User provided: False
UseEmbeddedWebView: NotSpecified
ExtraScopesToConsent:
Prompt: select_account
HasCustomWebUi: False

DEBUG: False MSAL 4.49.1.0 MSAL.NetCore .NET 8.0.0 Microsoft Windows 10.0.22631 [2023-12-11 14:24:20Z - 0863d272-f14d-4de5-9dbf-e2b42c366334]
=== Request Data ===
Authority Provided? - True
Scopes - https://management.core.windows.net//.default
Extra Query Params Keys (space separated) -
ApiId - AcquireTokenInteractive
IsConfidentialClient - False
SendX5C - False
LoginHint ? False
IsBrokerConfigured - False
HomeAccountId - False
CorrelationId - 0863d272-f14d-4de5-9dbf-e2b42c366334
UserAssertion set: False
LongRunningOboCacheKey set: False
Region configured:

DEBUG: False MSAL 4.49.1.0 MSAL.NetCore .NET 8.0.0 Microsoft Windows 10.0.22631 [2023-12-11 14:24:20Z - 0863d272-f14d-4de5-9dbf-e2b42c366334] === Token Acquisition (InteractiveRequest) started:
         Scopes: https://management.core.windows.net//.default
        Authority Host: login.microsoftonline.com
DEBUG: False MSAL 4.49.1.0 MSAL.NetCore .NET 8.0.0 Microsoft Windows 10.0.22631 [2023-12-11 14:24:20Z - 0863d272-f14d-4de5-9dbf-e2b42c366334] [Instance Discovery] Instance discovery is enabled and will be performed
DEBUG: False MSAL 4.49.1.0 MSAL.NetCore .NET 8.0.0 Microsoft Windows 10.0.22631 [2023-12-11 14:24:20Z - 0863d272-f14d-4de5-9dbf-e2b42c366334] [Region discovery] Not using a regional authority.
DEBUG: False MSAL 4.49.1.0 MSAL.NetCore .NET 8.0.0 Microsoft Windows 10.0.22631 [2023-12-11 14:24:20Z - 0863d272-f14d-4de5-9dbf-e2b42c366334] Fetching instance discovery from the network from host login.microsoftonline.com.
DEBUG: Request [9f7a0cc0-96d1-4376-9b2a-4fd9f3171f7a] GET https://login.microsoftonline.com/common/discovery/instance?api-version=1.1&authorization_endpoint=REDACTED
x-client-SKU:REDACTED
x-client-Ver:REDACTED
x-client-CPU:REDACTED
x-client-OS:REDACTED
client-request-id:REDACTED
return-client-request-id:REDACTED
x-app-name:REDACTED
x-app-ver:REDACTED
x-ms-client-request-id:9f7a0cc0-96d1-4376-9b2a-4fd9f3171f7a
x-ms-return-client-request-id:true
User-Agent:azsdk-net-Identity/1.6.1 (.NET 8.0.0; Microsoft Windows 10.0.22631)
client assembly: Azure.Identity
DEBUG: Response [9f7a0cc0-96d1-4376-9b2a-4fd9f3171f7a] 200 OK (00.2s)
Cache-Control:max-age=86400, private
Strict-Transport-Security:REDACTED
X-Content-Type-Options:REDACTED
Access-Control-Allow-Origin:REDACTED
Access-Control-Allow-Methods:REDACTED
P3P:REDACTED
client-request-id:REDACTED
x-ms-request-id:6505573c-0f60-4421-bc27-a1ceea4c9500
x-ms-ests-server:REDACTED
X-XSS-Protection:REDACTED
Set-Cookie:REDACTED
Date:Mon, 11 Dec 2023 14:24:19 GMT
Content-Type:application/json; charset=utf-8
Content-Length:957

DEBUG: False MSAL 4.49.1.0 MSAL.NetCore .NET 8.0.0 Microsoft Windows 10.0.22631 [2023-12-11 14:24:20Z - 0863d272-f14d-4de5-9dbf-e2b42c366334] Authority validation enabled? True.
DEBUG: False MSAL 4.49.1.0 MSAL.NetCore .NET 8.0.0 Microsoft Windows 10.0.22631 [2023-12-11 14:24:20Z - 0863d272-f14d-4de5-9dbf-e2b42c366334] Authority validation - is known env? True.
DEBUG: False MSAL 4.49.1.0 MSAL.NetCore .NET 8.0.0 Microsoft Windows 10.0.22631 [2023-12-11 14:24:20Z - 0863d272-f14d-4de5-9dbf-e2b42c366334] Using system browser.
DEBUG: False MSAL 4.49.1.0 MSAL.NetCore .NET 8.0.0 Microsoft Windows 10.0.22631 [2023-12-11 14:24:20Z - 0863d272-f14d-4de5-9dbf-e2b42c366334] Listening for authorization code on http://localhost:8400/
DEBUG: False MSAL 4.49.1.0 MSAL.NetCore .NET 8.0.0 Microsoft Windows 10.0.22631 [2023-12-11 14:24:24Z - 0863d272-f14d-4de5-9dbf-e2b42c366334] Processing a response message to the browser. HttpStatus:OK
DEBUG: False MSAL 4.49.1.0 MSAL.NetCore .NET 8.0.0 Microsoft Windows 10.0.22631 [2023-12-11 14:24:24Z - 0863d272-f14d-4de5-9dbf-e2b42c366334] An authorization code was retrieved from the /authorize endpoint.
DEBUG: False MSAL 4.49.1.0 MSAL.NetCore .NET 8.0.0 Microsoft Windows 10.0.22631 [2023-12-11 14:24:24Z - 0863d272-f14d-4de5-9dbf-e2b42c366334] Exchanging the auth code for tokens.
DEBUG: False MSAL 4.49.1.0 MSAL.NetCore .NET 8.0.0 Microsoft Windows 10.0.22631 [2023-12-11 14:24:24Z - 0863d272-f14d-4de5-9dbf-e2b42c366334] === InteractiveParameters Data ===
LoginHint provided: False
User provided: False
UseEmbeddedWebView: NotSpecified
ExtraScopesToConsent:
Prompt: select_account
HasCustomWebUi: False

DEBUG: Request [55a5abd1-de90-4478-98b1-f9a1bc233bda] POST https://login.microsoftonline.com/organizations/oauth2/v2.0/token
x-client-SKU:REDACTED
x-client-Ver:REDACTED
x-client-CPU:REDACTED
x-client-OS:REDACTED
x-anchormailbox:REDACTED
x-client-current-telemetry:REDACTED
x-client-last-telemetry:REDACTED
x-ms-lib-capability:REDACTED
client-request-id:REDACTED
return-client-request-id:REDACTED
x-app-name:REDACTED
x-app-ver:REDACTED
Content-Type:application/x-www-form-urlencoded
x-ms-client-request-id:55a5abd1-de90-4478-98b1-f9a1bc233bda
x-ms-return-client-request-id:true
User-Agent:azsdk-net-Identity/1.6.1 (.NET 8.0.0; Microsoft Windows 10.0.22631)
client assembly: Azure.Identity
DEBUG: Response [55a5abd1-de90-4478-98b1-f9a1bc233bda] 200 OK (00.3s)
Cache-Control:no-store, no-cache
Pragma:no-cache
Strict-Transport-Security:REDACTED
X-Content-Type-Options:REDACTED
P3P:REDACTED
client-request-id:REDACTED
x-ms-request-id:58c858a1-03b1-4091-b8f6-e1dec3588500
x-ms-ests-server:REDACTED
x-ms-clitelem:REDACTED
X-XSS-Protection:REDACTED
Set-Cookie:REDACTED
Date:Mon, 11 Dec 2023 14:24:23 GMT
Content-Type:application/json; charset=utf-8
Expires:-1
Content-Length:5218

DEBUG: False MSAL 4.49.1.0 MSAL.NetCore .NET 8.0.0 Microsoft Windows 10.0.22631 [2023-12-11 14:24:25Z - 0863d272-f14d-4de5-9dbf-e2b42c366334] Checking client info returned from the server..
DEBUG: False MSAL 4.49.1.0 MSAL.NetCore .NET 8.0.0 Microsoft Windows 10.0.22631 [2023-12-11 14:24:25Z - 0863d272-f14d-4de5-9dbf-e2b42c366334] Saving token response to cache..
DEBUG: False MSAL 4.49.1.0 MSAL.NetCore .NET 8.0.0 Microsoft Windows 10.0.22631 [2023-12-11 14:24:25Z - 0863d272-f14d-4de5-9dbf-e2b42c366334] [Region discovery] Not using a regional authority.
DEBUG: False MSAL 4.49.1.0 MSAL.NetCore .NET 8.0.0 Microsoft Windows 10.0.22631 [2023-12-11 14:24:25Z - 0863d272-f14d-4de5-9dbf-e2b42c366334] [SaveTokenResponseAsync] Saving AT in cache and removing overlapping ATs...
DEBUG: False MSAL 4.49.1.0 MSAL.NetCore .NET 8.0.0 Microsoft Windows 10.0.22631 [2023-12-11 14:24:25Z - 0863d272-f14d-4de5-9dbf-e2b42c366334] Looking for scopes for the authority in the cache which intersect with https://management.core.windows.net//.default
DEBUG: False MSAL 4.49.1.0 MSAL.NetCore .NET 8.0.0 Microsoft Windows 10.0.22631 [2023-12-11 14:24:25Z - 0863d272-f14d-4de5-9dbf-e2b42c366334] Intersecting scope entries count - 1
DEBUG: False MSAL 4.49.1.0 MSAL.NetCore .NET 8.0.0 Microsoft Windows 10.0.22631 [2023-12-11 14:24:25Z - 0863d272-f14d-4de5-9dbf-e2b42c366334] Matching entries after filtering by user - 1
DEBUG: False MSAL 4.49.1.0 MSAL.NetCore .NET 8.0.0 Microsoft Windows 10.0.22631 [2023-12-11 14:24:25Z - 0863d272-f14d-4de5-9dbf-e2b42c366334] [SaveTokenResponseAsync] Saving Id Token and Account in cache ...
DEBUG: False MSAL 4.49.1.0 MSAL.NetCore .NET 8.0.0 Microsoft Windows 10.0.22631 [2023-12-11 14:24:25Z - 0863d272-f14d-4de5-9dbf-e2b42c366334] [SaveTokenResponseAsync] Saving RT in cache...
DEBUG: False MSAL 4.49.1.0 MSAL.NetCore .NET 8.0.0 Microsoft Windows 10.0.22631 [2023-12-11 14:24:25Z - 0863d272-f14d-4de5-9dbf-e2b42c366334] IsLegacyAdalCacheEnabled: yes
DEBUG: False MSAL 4.49.1.0 MSAL.NetCore .NET 8.0.0 Microsoft Windows 10.0.22631 [2023-12-11 14:24:25Z - 0863d272-f14d-4de5-9dbf-e2b42c366334] Not writing FRT in ADAL legacy cache.
DEBUG: False MSAL 4.49.1.0 MSAL.NetCore .NET 8.0.0 Microsoft Windows 10.0.22631 [2023-12-11 14:24:25Z - 0863d272-f14d-4de5-9dbf-e2b42c366334]
        === Token Acquisition finished successfully:
DEBUG: False MSAL 4.49.1.0 MSAL.NetCore .NET 8.0.0 Microsoft Windows 10.0.22631 [2023-12-11 14:24:25Z - 0863d272-f14d-4de5-9dbf-e2b42c366334]  AT expiration time: 12/11/2023 3:30:38 PM +00:00, scopes: https://management.core.windows.net//user_impersonation https://management.core.windows.net//.default. source: IdentityProvider
DEBUG: False MSAL 4.49.1.0 MSAL.NetCore .NET 8.0.0 Microsoft Windows 10.0.22631 [2023-12-11 14:24:25Z - 0863d272-f14d-4de5-9dbf-e2b42c366334] Fetched access token from host login.microsoftonline.com.
DEBUG: InteractiveBrowserCredential.Authenticate succeeded. Scopes: [ https://management.core.windows.net//.default ] ParentRequestId:  ExpiresOn: 2023-12-11T15:30:38.1183837+00:00
DEBUG: 9:24:25 AM - [MsalAccessToken] Calling InteractiveBrowserCredential.GetTokenAsync - Scopes:'https://management.core.windows.net//.default'
DEBUG: InteractiveBrowserCredential.GetToken invoked. Scopes: [ https://management.core.windows.net//.default ] ParentRequestId:
DEBUG: False MSAL 4.49.1.0 MSAL.NetCore .NET 8.0.0 Microsoft Windows 10.0.22631 [2023-12-11 14:24:25Z - 8d53cf4c-c9eb-46e5-9893-7656498752f1] MSAL MSAL.NetCore with assembly version '4.49.1.0'. CorrelationId(8d53cf4c-c9eb-46e5-9893-7656498752f1)
DEBUG: False MSAL 4.49.1.0 MSAL.NetCore .NET 8.0.0 Microsoft Windows 10.0.22631 [2023-12-11 14:24:25Z - 8d53cf4c-c9eb-46e5-9893-7656498752f1] === AcquireTokenSilent Parameters ===
DEBUG: False MSAL 4.49.1.0 MSAL.NetCore .NET 8.0.0 Microsoft Windows 10.0.22631 [2023-12-11 14:24:25Z - 8d53cf4c-c9eb-46e5-9893-7656498752f1] LoginHint provided: False
DEBUG: False MSAL 4.49.1.0 MSAL.NetCore .NET 8.0.0 Microsoft Windows 10.0.22631 [2023-12-11 14:24:25Z - 8d53cf4c-c9eb-46e5-9893-7656498752f1] Account provided: True
DEBUG: False MSAL 4.49.1.0 MSAL.NetCore .NET 8.0.0 Microsoft Windows 10.0.22631 [2023-12-11 14:24:25Z - 8d53cf4c-c9eb-46e5-9893-7656498752f1] ForceRefresh: False
DEBUG: False MSAL 4.49.1.0 MSAL.NetCore .NET 8.0.0 Microsoft Windows 10.0.22631 [2023-12-11 14:24:25Z - 8d53cf4c-c9eb-46e5-9893-7656498752f1]
=== Request Data ===
Authority Provided? - True
Scopes - https://management.core.windows.net//.default
Extra Query Params Keys (space separated) -
ApiId - AcquireTokenSilent
IsConfidentialClient - False
SendX5C - False
LoginHint ? False
IsBrokerConfigured - False
HomeAccountId - False
CorrelationId - 8d53cf4c-c9eb-46e5-9893-7656498752f1
UserAssertion set: False
LongRunningOboCacheKey set: False
Region configured:

DEBUG: False MSAL 4.49.1.0 MSAL.NetCore .NET 8.0.0 Microsoft Windows 10.0.22631 [2023-12-11 14:24:25Z - 8d53cf4c-c9eb-46e5-9893-7656498752f1] === Token Acquisition (SilentRequest) started:
         Scopes: https://management.core.windows.net//.default
        Authority Host: login.microsoftonline.com
DEBUG: False MSAL 4.49.1.0 MSAL.NetCore .NET 8.0.0 Microsoft Windows 10.0.22631 [2023-12-11 14:24:25Z - 8d53cf4c-c9eb-46e5-9893-7656498752f1] [Region discovery] Not using a regional authority.
DEBUG: False MSAL 4.49.1.0 MSAL.NetCore .NET 8.0.0 Microsoft Windows 10.0.22631 [2023-12-11 14:24:25Z - 8d53cf4c-c9eb-46e5-9893-7656498752f1] Access token is not expired. Returning the found cache entry. [Current time (12/11/2023 14:24:25) - Expiration Time (12/11/2023 15:30:38 +00:00) - Extended Expiration Time (12/11/2023 15:30:38 +00:00)]
DEBUG: False MSAL 4.49.1.0 MSAL.NetCore .NET 8.0.0 Microsoft Windows 10.0.22631 [2023-12-11 14:24:25Z - 8d53cf4c-c9eb-46e5-9893-7656498752f1] Returning access token found in cache. RefreshOn exists ? False
DEBUG: False MSAL 4.49.1.0 MSAL.NetCore .NET 8.0.0 Microsoft Windows 10.0.22631 [2023-12-11 14:24:25Z - 8d53cf4c-c9eb-46e5-9893-7656498752f1] [Region discovery] Not using a regional authority.
DEBUG: False MSAL 4.49.1.0 MSAL.NetCore .NET 8.0.0 Microsoft Windows 10.0.22631 [2023-12-11 14:24:25Z - 8d53cf4c-c9eb-46e5-9893-7656498752f1]
        === Token Acquisition finished successfully:
DEBUG: False MSAL 4.49.1.0 MSAL.NetCore .NET 8.0.0 Microsoft Windows 10.0.22631 [2023-12-11 14:24:25Z - 8d53cf4c-c9eb-46e5-9893-7656498752f1]  AT expiration time: 12/11/2023 3:30:38 PM +00:00, scopes: https://management.core.windows.net//user_impersonation https://management.core.windows.net//.default. source: Cache
DEBUG: InteractiveBrowserCredential.GetToken succeeded. Scopes: [ https://management.core.windows.net//.default ] ParentRequestId:  ExpiresOn: 2023-12-11T15:30:38.0000000+00:00
DEBUG: ============================ HTTP REQUEST ============================

HTTP Method:
GET

Absolute Uri:
https://management.azure.com/tenants?api-version=2021-01-01

Headers:
Accept-Language               : en-US
x-ms-client-request-id        : 590ead44-892b-4909-8434-70c0d901cf6d

Body:



DEBUG: ============================ HTTP RESPONSE ============================

Status Code:
OK

Headers:
Cache-Control                 : no-cache
Pragma                        : no-cache
x-ms-ratelimit-remaining-tenant-reads: 11999
x-ms-request-id               : ad81fa23-999d-4ae8-9624-5c620dfca124
x-ms-correlation-request-id   : ad81fa23-999d-4ae8-9624-5c620dfca124
x-ms-routing-request-id       : CENTRALUS:20231211T142424Z:ad81fa23-999d-4ae8-9624-5c620dfca124
Strict-Transport-Security     : max-age=31536000; includeSubDomains
X-Content-Type-Options        : nosniff
Date                          : Mon, 11 Dec 2023 14:24:24 GMT

Body:
{
  "value": [
    {
      "id": "/tenants/REDACTED-TENANTID",
      "tenantId": "REDACTED-TENANTID",
      "countryCode": "US",
      "displayName": "CONTOSO",
      "domains": [
        "contoso.onmicrosoft.com",
        "contoso.com"
      ],
      "tenantCategory": "Home",
      "defaultDomain": "contoso.com",
      "tenantType": "AAD",
      "tenantBrandingLogoUrl": "REDACTED"
    }
  ]
}


DEBUG: 9:24:25 AM - [SilentAuthenticator] Calling SharedTokenCacheCredential.GetTokenAsync - TenantId:'REDACTED-TENANTID', Scopes:'https://management.core.windows.net//.default', AuthorityHost:'https://login.microsoftonline.com/', UserId:'user@example.com'
DEBUG: SharedTokenCacheCredential.GetToken invoked. Scopes: [ https://management.core.windows.net//.default ] ParentRequestId:
DEBUG: False MSAL 4.49.1.0 MSAL.NetCore .NET 8.0.0 Microsoft Windows 10.0.22631 [2023-12-11 14:24:25Z - 35dbc609-6a0f-4561-a6ac-14f48a413377] IsLegacyAdalCacheEnabled: yes
DEBUG: False MSAL 4.49.1.0 MSAL.NetCore .NET 8.0.0 Microsoft Windows 10.0.22631 [2023-12-11 14:24:25Z - 35dbc609-6a0f-4561-a6ac-14f48a413377] [Region discovery] Not using a regional authority.
DEBUG: False MSAL 4.49.1.0 MSAL.NetCore .NET 8.0.0 Microsoft Windows 10.0.22631 [2023-12-11 14:24:25Z - 35dbc609-6a0f-4561-a6ac-14f48a413377] [Region discovery] Not using a regional authority.
DEBUG: False MSAL 4.49.1.0 MSAL.NetCore .NET 8.0.0 Microsoft Windows 10.0.22631 [2023-12-11 14:24:25Z - 35dbc609-6a0f-4561-a6ac-14f48a413377] IsLegacyAdalCacheEnabled: yes
DEBUG: False MSAL 4.49.1.0 MSAL.NetCore .NET 8.0.0 Microsoft Windows 10.0.22631 [2023-12-11 14:24:25Z - 35dbc609-6a0f-4561-a6ac-14f48a413377] IsLegacyAdalCacheEnabled: yes
DEBUG: False MSAL 4.49.1.0 MSAL.NetCore .NET 8.0.0 Microsoft Windows 10.0.22631 [2023-12-11 14:24:25Z] Found 1 cache accounts and 0 broker accounts
DEBUG: False MSAL 4.49.1.0 MSAL.NetCore .NET 8.0.0 Microsoft Windows 10.0.22631 [2023-12-11 14:24:25Z] Returning 1 accounts
DEBUG: False MSAL 4.49.1.0 MSAL.NetCore .NET 8.0.0 Microsoft Windows 10.0.22631 [2023-12-11 14:24:25Z - 6db3739b-e99c-4c54-be4c-b7eaea9cef15] MSAL MSAL.NetCore with assembly version '4.49.1.0'. CorrelationId(6db3739b-e99c-4c54-be4c-b7eaea9cef15)
DEBUG: False MSAL 4.49.1.0 MSAL.NetCore .NET 8.0.0 Microsoft Windows 10.0.22631 [2023-12-11 14:24:25Z - 6db3739b-e99c-4c54-be4c-b7eaea9cef15] === AcquireTokenSilent Parameters ===
DEBUG: False MSAL 4.49.1.0 MSAL.NetCore .NET 8.0.0 Microsoft Windows 10.0.22631 [2023-12-11 14:24:25Z - 6db3739b-e99c-4c54-be4c-b7eaea9cef15] LoginHint provided: False
DEBUG: False MSAL 4.49.1.0 MSAL.NetCore .NET 8.0.0 Microsoft Windows 10.0.22631 [2023-12-11 14:24:25Z - 6db3739b-e99c-4c54-be4c-b7eaea9cef15] Account provided: True
DEBUG: False MSAL 4.49.1.0 MSAL.NetCore .NET 8.0.0 Microsoft Windows 10.0.22631 [2023-12-11 14:24:25Z - 6db3739b-e99c-4c54-be4c-b7eaea9cef15] ForceRefresh: False
DEBUG: False MSAL 4.49.1.0 MSAL.NetCore .NET 8.0.0 Microsoft Windows 10.0.22631 [2023-12-11 14:24:25Z - 6db3739b-e99c-4c54-be4c-b7eaea9cef15]
=== Request Data ===
Authority Provided? - True
Scopes - https://management.core.windows.net//.default
Extra Query Params Keys (space separated) -
ApiId - AcquireTokenSilent
IsConfidentialClient - False
SendX5C - False
LoginHint ? False
IsBrokerConfigured - False
HomeAccountId - False
CorrelationId - 6db3739b-e99c-4c54-be4c-b7eaea9cef15
UserAssertion set: False
LongRunningOboCacheKey set: False
Region configured:

DEBUG: False MSAL 4.49.1.0 MSAL.NetCore .NET 8.0.0 Microsoft Windows 10.0.22631 [2023-12-11 14:24:25Z - 6db3739b-e99c-4c54-be4c-b7eaea9cef15] === Token Acquisition (SilentRequest) started:
         Scopes: https://management.core.windows.net//.default
        Authority Host: login.microsoftonline.com
DEBUG: False MSAL 4.49.1.0 MSAL.NetCore .NET 8.0.0 Microsoft Windows 10.0.22631 [2023-12-11 14:24:25Z - 6db3739b-e99c-4c54-be4c-b7eaea9cef15] [Region discovery] Not using a regional authority.
DEBUG: False MSAL 4.49.1.0 MSAL.NetCore .NET 8.0.0 Microsoft Windows 10.0.22631 [2023-12-11 14:24:25Z - 6db3739b-e99c-4c54-be4c-b7eaea9cef15] Access token is not expired. Returning the found cache entry. [Current time (12/11/2023 14:24:25) - Expiration Time (12/11/2023 15:30:38 +00:00) - Extended Expiration Time (12/11/2023 15:30:38 +00:00)]
DEBUG: False MSAL 4.49.1.0 MSAL.NetCore .NET 8.0.0 Microsoft Windows 10.0.22631 [2023-12-11 14:24:25Z - 6db3739b-e99c-4c54-be4c-b7eaea9cef15] Returning access token found in cache. RefreshOn exists ? False
DEBUG: False MSAL 4.49.1.0 MSAL.NetCore .NET 8.0.0 Microsoft Windows 10.0.22631 [2023-12-11 14:24:25Z - 6db3739b-e99c-4c54-be4c-b7eaea9cef15] [Region discovery] Not using a regional authority.
DEBUG: False MSAL 4.49.1.0 MSAL.NetCore .NET 8.0.0 Microsoft Windows 10.0.22631 [2023-12-11 14:24:25Z - 6db3739b-e99c-4c54-be4c-b7eaea9cef15]
        === Token Acquisition finished successfully:
DEBUG: False MSAL 4.49.1.0 MSAL.NetCore .NET 8.0.0 Microsoft Windows 10.0.22631 [2023-12-11 14:24:25Z - 6db3739b-e99c-4c54-be4c-b7eaea9cef15]  AT expiration time: 12/11/2023 3:30:38 PM +00:00, scopes: https://management.core.windows.net//user_impersonation https://management.core.windows.net//.default. source: Cache
DEBUG: SharedTokenCacheCredential.GetToken succeeded. Scopes: [ https://management.core.windows.net//.default ] ParentRequestId:  ExpiresOn: 2023-12-11T15:30:38.0000000+00:00
DEBUG: ============================ HTTP REQUEST ============================

HTTP Method:
GET

Absolute Uri:
https://management.azure.com/subscriptions?api-version=2021-01-01

Headers:
Accept-Language               : en-US
x-ms-client-request-id        : 590ead44-892b-4909-8434-70c0d901cf6d

Body:



DEBUG: ============================ HTTP RESPONSE ============================

Status Code:
OK

Headers:
Cache-Control                 : no-cache
Pragma                        : no-cache
x-ms-ratelimit-remaining-tenant-reads: 11999
x-ms-request-id               : 51030409-c983-4ad6-a16e-774e3bfbbed5
x-ms-correlation-request-id   : 51030409-c983-4ad6-a16e-774e3bfbbed5
x-ms-routing-request-id       : CENTRALUS:20231211T142425Z:51030409-c983-4ad6-a16e-774e3bfbbed5
Strict-Transport-Security     : max-age=31536000; includeSubDomains
X-Content-Type-Options        : nosniff
Date                          : Mon, 11 Dec 2023 14:24:25 GMT

Body:
{
  "value": [
    {
      "id": "/subscriptions/6c01762c-6c1d-480f-8c9b-d3cc1be0b2b3",
      "authorizationSource": "RoleBased",
      "managedByTenants": [],
      "subscriptionId": "6c01762c-6c1d-480f-8c9b-d3cc1be0b2b3",
      "tenantId": "REDACTED-TENANTID",
      "displayName": "Production",
      "state": "Enabled",
      "subscriptionPolicies": {
        "locationPlacementId": "Public_2014-09-01",
        "quotaId": "Sponsored_2016-01-01",
        "spendingLimit": "Off"
      }
    },
    {
      "id": "/subscriptions/2c282b4b-ad93-4f66-bd56-53ebedeacda8",
      "authorizationSource": "RoleBased",
      "managedByTenants": [],
      "subscriptionId": "2c282b4b-ad93-4f66-bd56-53ebedeacda8",
      "tenantId": "REDACTED-TENANTID",
      "displayName": "Violet's Lab",
      "state": "Enabled",
      "subscriptionPolicies": {
        "locationPlacementId": "Public_2014-09-01",
        "quotaId": "Sponsored_2016-01-01",
        "spendingLimit": "Off"
      }
    },
    {
      "id": "/subscriptions/bf98405c-a3bc-4d60-b131-9919e6913e15",
      "authorizationSource": "RoleBased",
      "managedByTenants": [],
      "subscriptionId": "bf98405c-a3bc-4d60-b131-9919e6913e15",
      "tenantId": "REDACTED-TENANTID",
      "displayName": "Elliot's Lab",
      "state": "Enabled",
      "subscriptionPolicies": {
        "locationPlacementId": "Public_2014-09-01",
        "quotaId": "Sponsored_2016-01-01",
        "spendingLimit": "Off"
      }
    }
  ],
  "count": {
    "type": "Total",
    "value": 3
  }
}


DEBUG: 9:24:25 AM - [SilentAuthenticator] Calling SharedTokenCacheCredential.GetTokenAsync - TenantId:'REDACTED', Scopes:'https://management.core.windows.net//.default', AuthorityHost:'https://login.microsoftonline.com/', UserId:'user@example.com'
DEBUG: SharedTokenCacheCredential.GetToken invoked. Scopes: [ https://management.core.windows.net//.default ] ParentRequestId:
DEBUG: False MSAL 4.49.1.0 MSAL.NetCore .NET 8.0.0 Microsoft Windows 10.0.22631 [2023-12-11 14:24:25Z - bb50032e-af9f-41ba-b186-ea7830f7c431] IsLegacyAdalCacheEnabled: yes
DEBUG: False MSAL 4.49.1.0 MSAL.NetCore .NET 8.0.0 Microsoft Windows 10.0.22631 [2023-12-11 14:24:25Z - bb50032e-af9f-41ba-b186-ea7830f7c431] [Region discovery] Not using a regional authority.
DEBUG: False MSAL 4.49.1.0 MSAL.NetCore .NET 8.0.0 Microsoft Windows 10.0.22631 [2023-12-11 14:24:25Z - bb50032e-af9f-41ba-b186-ea7830f7c431] [Region discovery] Not using a regional authority.
DEBUG: False MSAL 4.49.1.0 MSAL.NetCore .NET 8.0.0 Microsoft Windows 10.0.22631 [2023-12-11 14:24:25Z - bb50032e-af9f-41ba-b186-ea7830f7c431] IsLegacyAdalCacheEnabled: yes
DEBUG: False MSAL 4.49.1.0 MSAL.NetCore .NET 8.0.0 Microsoft Windows 10.0.22631 [2023-12-11 14:24:25Z - bb50032e-af9f-41ba-b186-ea7830f7c431] IsLegacyAdalCacheEnabled: yes
DEBUG: False MSAL 4.49.1.0 MSAL.NetCore .NET 8.0.0 Microsoft Windows 10.0.22631 [2023-12-11 14:24:25Z] Found 1 cache accounts and 0 broker accounts
DEBUG: False MSAL 4.49.1.0 MSAL.NetCore .NET 8.0.0 Microsoft Windows 10.0.22631 [2023-12-11 14:24:25Z] Returning 1 accounts
DEBUG: False MSAL 4.49.1.0 MSAL.NetCore .NET 8.0.0 Microsoft Windows 10.0.22631 [2023-12-11 14:24:25Z - 88511c38-e333-4b35-9a92-2a0f497b4317] MSAL MSAL.NetCore with assembly version '4.49.1.0'. CorrelationId(88511c38-e333-4b35-9a92-2a0f497b4317)
DEBUG: False MSAL 4.49.1.0 MSAL.NetCore .NET 8.0.0 Microsoft Windows 10.0.22631 [2023-12-11 14:24:25Z - 88511c38-e333-4b35-9a92-2a0f497b4317] === AcquireTokenSilent Parameters ===
DEBUG: False MSAL 4.49.1.0 MSAL.NetCore .NET 8.0.0 Microsoft Windows 10.0.22631 [2023-12-11 14:24:25Z - 88511c38-e333-4b35-9a92-2a0f497b4317] LoginHint provided: False
DEBUG: False MSAL 4.49.1.0 MSAL.NetCore .NET 8.0.0 Microsoft Windows 10.0.22631 [2023-12-11 14:24:25Z - 88511c38-e333-4b35-9a92-2a0f497b4317] Account provided: True
DEBUG: False MSAL 4.49.1.0 MSAL.NetCore .NET 8.0.0 Microsoft Windows 10.0.22631 [2023-12-11 14:24:25Z - 88511c38-e333-4b35-9a92-2a0f497b4317] ForceRefresh: False
DEBUG: False MSAL 4.49.1.0 MSAL.NetCore .NET 8.0.0 Microsoft Windows 10.0.22631 [2023-12-11 14:24:25Z - 88511c38-e333-4b35-9a92-2a0f497b4317]
=== Request Data ===
Authority Provided? - True
Scopes - https://management.core.windows.net//.default
Extra Query Params Keys (space separated) -
ApiId - AcquireTokenSilent
IsConfidentialClient - False
SendX5C - False
LoginHint ? False
IsBrokerConfigured - False
HomeAccountId - False
CorrelationId - 88511c38-e333-4b35-9a92-2a0f497b4317
UserAssertion set: False
LongRunningOboCacheKey set: False
Region configured:

DEBUG: False MSAL 4.49.1.0 MSAL.NetCore .NET 8.0.0 Microsoft Windows 10.0.22631 [2023-12-11 14:24:25Z - 88511c38-e333-4b35-9a92-2a0f497b4317] === Token Acquisition (SilentRequest) started:
         Scopes: https://management.core.windows.net//.default
        Authority Host: login.microsoftonline.com
DEBUG: False MSAL 4.49.1.0 MSAL.NetCore .NET 8.0.0 Microsoft Windows 10.0.22631 [2023-12-11 14:24:25Z - 88511c38-e333-4b35-9a92-2a0f497b4317] [Region discovery] Not using a regional authority.
DEBUG: False MSAL 4.49.1.0 MSAL.NetCore .NET 8.0.0 Microsoft Windows 10.0.22631 [2023-12-11 14:24:25Z - 88511c38-e333-4b35-9a92-2a0f497b4317] Access token has expired or about to expire. [Current time (12/11/2023 14:24:25) - Expiration Time (12/06/2023 17:35:51 +00:00) - Extended Expiration Time (12/06/2023 17:35:51 +00:00)]
DEBUG: False MSAL 4.49.1.0 MSAL.NetCore .NET 8.0.0 Microsoft Windows 10.0.22631 [2023-12-11 14:24:25Z - 88511c38-e333-4b35-9a92-2a0f497b4317] [Region discovery] Not using a regional authority.
WARNING: TenantId 'REDACTED-TENANTID' contains more than one active subscription. First one will be selected for further use. To select another subscription, use Set-AzContext.
To override which subscription Connect-AzAccount selects by default, use `Update-AzConfig -DefaultSubscriptionForLogin 00000000-0000-0000-0000-000000000000`. Go to https://go.microsoft.com/fwlink/?linkid=2200610 for more information.
DEBUG: False MSAL 4.49.1.0 MSAL.NetCore .NET 8.0.0 Microsoft Windows 10.0.22631 [2023-12-11 14:24:25Z - 88511c38-e333-4b35-9a92-2a0f497b4317] [FindRefreshTokenAsync] Refresh token found in the cache? - True
DEBUG: False MSAL 4.49.1.0 MSAL.NetCore .NET 8.0.0 Microsoft Windows 10.0.22631 [2023-12-11 14:24:25Z - 88511c38-e333-4b35-9a92-2a0f497b4317] [Instance Discovery] Instance discovery is enabled and will be performed
DEBUG: False MSAL 4.49.1.0 MSAL.NetCore .NET 8.0.0 Microsoft Windows 10.0.22631 [2023-12-11 14:24:25Z - 88511c38-e333-4b35-9a92-2a0f497b4317] [Region discovery] Not using a regional authority.
DEBUG: Request [b7e4bf17-a6a7-46a2-8f1b-2882cb7eb5dd] POST https://login.microsoftonline.com/REDACTED/oauth2/v2.0/token
x-client-SKU:REDACTED
x-client-Ver:REDACTED
x-client-CPU:REDACTED
x-client-OS:REDACTED
x-anchormailbox:REDACTED
x-client-current-telemetry:REDACTED
x-client-last-telemetry:REDACTED
x-ms-lib-capability:REDACTED
client-request-id:REDACTED
return-client-request-id:REDACTED
x-app-name:REDACTED
x-app-ver:REDACTED
Content-Type:application/x-www-form-urlencoded
x-ms-client-request-id:b7e4bf17-a6a7-46a2-8f1b-2882cb7eb5dd
x-ms-return-client-request-id:true
User-Agent:azsdk-net-Identity/1.6.1 (.NET 8.0.0; Microsoft Windows 10.0.22631)
client assembly: Azure.Identity
DEBUG: Response [b7e4bf17-a6a7-46a2-8f1b-2882cb7eb5dd] 200 OK (00.2s)
Cache-Control:no-store, no-cache
Pragma:no-cache
Strict-Transport-Security:REDACTED
X-Content-Type-Options:REDACTED
P3P:REDACTED
client-request-id:REDACTED
x-ms-request-id:f44f5248-cde4-44de-8c86-a67d7b807300
x-ms-ests-server:REDACTED
x-ms-clitelem:REDACTED
X-XSS-Protection:REDACTED
Set-Cookie:REDACTED
Date:Mon, 11 Dec 2023 14:24:24 GMT
Content-Type:application/json; charset=utf-8
Expires:-1
Content-Length:5253

DEBUG: False MSAL 4.49.1.0 MSAL.NetCore .NET 8.0.0 Microsoft Windows 10.0.22631 [2023-12-11 14:24:26Z - 88511c38-e333-4b35-9a92-2a0f497b4317] Checking client info returned from the server..
DEBUG: False MSAL 4.49.1.0 MSAL.NetCore .NET 8.0.0 Microsoft Windows 10.0.22631 [2023-12-11 14:24:26Z - 88511c38-e333-4b35-9a92-2a0f497b4317] Saving token response to cache..
DEBUG: False MSAL 4.49.1.0 MSAL.NetCore .NET 8.0.0 Microsoft Windows 10.0.22631 [2023-12-11 14:24:26Z - 88511c38-e333-4b35-9a92-2a0f497b4317] [Region discovery] Not using a regional authority.
DEBUG: False MSAL 4.49.1.0 MSAL.NetCore .NET 8.0.0 Microsoft Windows 10.0.22631 [2023-12-11 14:24:26Z - 88511c38-e333-4b35-9a92-2a0f497b4317] [SaveTokenResponseAsync] Saving AT in cache and removing overlapping ATs...
DEBUG: False MSAL 4.49.1.0 MSAL.NetCore .NET 8.0.0 Microsoft Windows 10.0.22631 [2023-12-11 14:24:26Z - 88511c38-e333-4b35-9a92-2a0f497b4317] Looking for scopes for the authority in the cache which intersect with https://management.core.windows.net//.default
DEBUG: False MSAL 4.49.1.0 MSAL.NetCore .NET 8.0.0 Microsoft Windows 10.0.22631 [2023-12-11 14:24:26Z - 88511c38-e333-4b35-9a92-2a0f497b4317] Intersecting scope entries count - 1
DEBUG: False MSAL 4.49.1.0 MSAL.NetCore .NET 8.0.0 Microsoft Windows 10.0.22631 [2023-12-11 14:24:26Z - 88511c38-e333-4b35-9a92-2a0f497b4317] Matching entries after filtering by user - 1
DEBUG: False MSAL 4.49.1.0 MSAL.NetCore .NET 8.0.0 Microsoft Windows 10.0.22631 [2023-12-11 14:24:26Z - 88511c38-e333-4b35-9a92-2a0f497b4317] [SaveTokenResponseAsync] Saving Id Token and Account in cache ...
DEBUG: False MSAL 4.49.1.0 MSAL.NetCore .NET 8.0.0 Microsoft Windows 10.0.22631 [2023-12-11 14:24:26Z - 88511c38-e333-4b35-9a92-2a0f497b4317] [SaveTokenResponseAsync] Saving RT in cache...
DEBUG: False MSAL 4.49.1.0 MSAL.NetCore .NET 8.0.0 Microsoft Windows 10.0.22631 [2023-12-11 14:24:26Z - 88511c38-e333-4b35-9a92-2a0f497b4317] IsLegacyAdalCacheEnabled: yes
DEBUG: False MSAL 4.49.1.0 MSAL.NetCore .NET 8.0.0 Microsoft Windows 10.0.22631 [2023-12-11 14:24:26Z - 88511c38-e333-4b35-9a92-2a0f497b4317] Not writing FRT in ADAL legacy cache.
DEBUG: False MSAL 4.49.1.0 MSAL.NetCore .NET 8.0.0 Microsoft Windows 10.0.22631 [2023-12-11 14:24:26Z - 88511c38-e333-4b35-9a92-2a0f497b4317]
        === Token Acquisition finished successfully:
DEBUG: False MSAL 4.49.1.0 MSAL.NetCore .NET 8.0.0 Microsoft Windows 10.0.22631 [2023-12-11 14:24:26Z - 88511c38-e333-4b35-9a92-2a0f497b4317]  AT expiration time: 12/11/2023 3:39:00 PM +00:00, scopes: https://management.core.windows.net//user_impersonation https://management.core.windows.net//.default. source: IdentityProvider
DEBUG: False MSAL 4.49.1.0 MSAL.NetCore .NET 8.0.0 Microsoft Windows 10.0.22631 [2023-12-11 14:24:26Z - 88511c38-e333-4b35-9a92-2a0f497b4317] Fetched access token from host login.microsoftonline.com.
DEBUG: SharedTokenCacheCredential.GetToken succeeded. Scopes: [ https://management.core.windows.net//.default ] ParentRequestId:  ExpiresOn: 2023-12-11T15:39:00.0792935+00:00
DEBUG: 9:24:26 AM - [SilentAuthenticator] Calling SharedTokenCacheCredential.GetTokenAsync - TenantId:'00000000-0000-0000-0000-000000000000', Scopes:'https://management.core.windows.net//.default', AuthorityHost:'https://login.microsoftonline.com/', UserId:'user@example.com'
DEBUG: SharedTokenCacheCredential.GetToken invoked. Scopes: [ https://management.core.windows.net//.default ] ParentRequestId:
DEBUG: False MSAL 4.49.1.0 MSAL.NetCore .NET 8.0.0 Microsoft Windows 10.0.22631 [2023-12-11 14:24:26Z - 6c14956f-5da0-4e89-9581-f08494eb6332] IsLegacyAdalCacheEnabled: yes
DEBUG: False MSAL 4.49.1.0 MSAL.NetCore .NET 8.0.0 Microsoft Windows 10.0.22631 [2023-12-11 14:24:26Z - 6c14956f-5da0-4e89-9581-f08494eb6332] [Region discovery] Not using a regional authority.
DEBUG: False MSAL 4.49.1.0 MSAL.NetCore .NET 8.0.0 Microsoft Windows 10.0.22631 [2023-12-11 14:24:26Z - 6c14956f-5da0-4e89-9581-f08494eb6332] [Region discovery] Not using a regional authority.
DEBUG: False MSAL 4.49.1.0 MSAL.NetCore .NET 8.0.0 Microsoft Windows 10.0.22631 [2023-12-11 14:24:26Z - 6c14956f-5da0-4e89-9581-f08494eb6332] IsLegacyAdalCacheEnabled: yes
DEBUG: False MSAL 4.49.1.0 MSAL.NetCore .NET 8.0.0 Microsoft Windows 10.0.22631 [2023-12-11 14:24:26Z - 6c14956f-5da0-4e89-9581-f08494eb6332] IsLegacyAdalCacheEnabled: yes
DEBUG: False MSAL 4.49.1.0 MSAL.NetCore .NET 8.0.0 Microsoft Windows 10.0.22631 [2023-12-11 14:24:26Z] Found 1 cache accounts and 0 broker accounts
DEBUG: False MSAL 4.49.1.0 MSAL.NetCore .NET 8.0.0 Microsoft Windows 10.0.22631 [2023-12-11 14:24:26Z] Returning 1 accounts
DEBUG: False MSAL 4.49.1.0 MSAL.NetCore .NET 8.0.0 Microsoft Windows 10.0.22631 [2023-12-11 14:24:26Z - 404bcdf7-2453-4bd6-9e9c-d311fb7d439b] MSAL MSAL.NetCore with assembly version '4.49.1.0'. CorrelationId(404bcdf7-2453-4bd6-9e9c-d311fb7d439b)
DEBUG: False MSAL 4.49.1.0 MSAL.NetCore .NET 8.0.0 Microsoft Windows 10.0.22631 [2023-12-11 14:24:26Z - 404bcdf7-2453-4bd6-9e9c-d311fb7d439b] === AcquireTokenSilent Parameters ===
DEBUG: False MSAL 4.49.1.0 MSAL.NetCore .NET 8.0.0 Microsoft Windows 10.0.22631 [2023-12-11 14:24:26Z - 404bcdf7-2453-4bd6-9e9c-d311fb7d439b] LoginHint provided: False
DEBUG: False MSAL 4.49.1.0 MSAL.NetCore .NET 8.0.0 Microsoft Windows 10.0.22631 [2023-12-11 14:24:26Z - 404bcdf7-2453-4bd6-9e9c-d311fb7d439b] Account provided: True
DEBUG: False MSAL 4.49.1.0 MSAL.NetCore .NET 8.0.0 Microsoft Windows 10.0.22631 [2023-12-11 14:24:26Z - 404bcdf7-2453-4bd6-9e9c-d311fb7d439b] ForceRefresh: False
DEBUG: False MSAL 4.49.1.0 MSAL.NetCore .NET 8.0.0 Microsoft Windows 10.0.22631 [2023-12-11 14:24:26Z - 404bcdf7-2453-4bd6-9e9c-d311fb7d439b]
=== Request Data ===
Authority Provided? - True
Scopes - https://management.core.windows.net//.default
Extra Query Params Keys (space separated) -
ApiId - AcquireTokenSilent
IsConfidentialClient - False
SendX5C - False
LoginHint ? False
IsBrokerConfigured - False
HomeAccountId - False
CorrelationId - 404bcdf7-2453-4bd6-9e9c-d311fb7d439b
UserAssertion set: False
LongRunningOboCacheKey set: False
Region configured:

DEBUG: False MSAL 4.49.1.0 MSAL.NetCore .NET 8.0.0 Microsoft Windows 10.0.22631 [2023-12-11 14:24:26Z - 404bcdf7-2453-4bd6-9e9c-d311fb7d439b] === Token Acquisition (SilentRequest) started:
         Scopes: https://management.core.windows.net//.default
        Authority Host: login.microsoftonline.com
DEBUG: False MSAL 4.49.1.0 MSAL.NetCore .NET 8.0.0 Microsoft Windows 10.0.22631 [2023-12-11 14:24:26Z - 404bcdf7-2453-4bd6-9e9c-d311fb7d439b] [Region discovery] Not using a regional authority.
DEBUG: False MSAL 4.49.1.0 MSAL.NetCore .NET 8.0.0 Microsoft Windows 10.0.22631 [2023-12-11 14:24:26Z - 404bcdf7-2453-4bd6-9e9c-d311fb7d439b] Access token has expired or about to expire. [Current time (12/11/2023 14:24:26) - Expiration Time (12/06/2023 17:52:38 +00:00) - Extended Expiration Time (12/06/2023 17:52:38 +00:00)]
DEBUG: False MSAL 4.49.1.0 MSAL.NetCore .NET 8.0.0 Microsoft Windows 10.0.22631 [2023-12-11 14:24:26Z - 404bcdf7-2453-4bd6-9e9c-d311fb7d439b] [Region discovery] Not using a regional authority.
DEBUG: False MSAL 4.49.1.0 MSAL.NetCore .NET 8.0.0 Microsoft Windows 10.0.22631 [2023-12-11 14:24:26Z - 404bcdf7-2453-4bd6-9e9c-d311fb7d439b] [Region discovery] Not using a regional authority.
DEBUG: False MSAL 4.49.1.0 MSAL.NetCore .NET 8.0.0 Microsoft Windows 10.0.22631 [2023-12-11 14:24:26Z - 404bcdf7-2453-4bd6-9e9c-d311fb7d439b] [FindRefreshTokenAsync] Refresh token found in the cache? - True
DEBUG: False MSAL 4.49.1.0 MSAL.NetCore .NET 8.0.0 Microsoft Windows 10.0.22631 [2023-12-11 14:24:26Z - 404bcdf7-2453-4bd6-9e9c-d311fb7d439b] [Instance Discovery] Instance discovery is enabled and will be performed
DEBUG: False MSAL 4.49.1.0 MSAL.NetCore .NET 8.0.0 Microsoft Windows 10.0.22631 [2023-12-11 14:24:26Z - 404bcdf7-2453-4bd6-9e9c-d311fb7d439b] [Region discovery] Not using a regional authority.
DEBUG: Request [518e3a8c-7720-40b7-a8b3-ef91c7e5f59a] POST https://login.microsoftonline.com/00000000-0000-0000-0000-000000000000/oauth2/v2.0/token
x-client-SKU:REDACTED
x-client-Ver:REDACTED
x-client-CPU:REDACTED
x-client-OS:REDACTED
x-anchormailbox:REDACTED
x-client-current-telemetry:REDACTED
x-client-last-telemetry:REDACTED
x-ms-lib-capability:REDACTED
client-request-id:REDACTED
return-client-request-id:REDACTED
x-app-name:REDACTED
x-app-ver:REDACTED
Content-Type:application/x-www-form-urlencoded
x-ms-client-request-id:518e3a8c-7720-40b7-a8b3-ef91c7e5f59a
x-ms-return-client-request-id:true
User-Agent:azsdk-net-Identity/1.6.1 (.NET 8.0.0; Microsoft Windows 10.0.22631)
client assembly: Azure.Identity
DEBUG: Response [518e3a8c-7720-40b7-a8b3-ef91c7e5f59a] 200 OK (00.4s)
Cache-Control:no-store, no-cache
Pragma:no-cache
Strict-Transport-Security:REDACTED
X-Content-Type-Options:REDACTED
P3P:REDACTED
client-request-id:REDACTED
x-ms-request-id:7c976a7d-a872-4e42-8229-191214761000
x-ms-ests-server:REDACTED
x-ms-clitelem:REDACTED
X-XSS-Protection:REDACTED
Set-Cookie:REDACTED
Date:Mon, 11 Dec 2023 14:24:25 GMT
Content-Type:application/json; charset=utf-8
Expires:-1
Content-Length:5305

DEBUG: False MSAL 4.49.1.0 MSAL.NetCore .NET 8.0.0 Microsoft Windows 10.0.22631 [2023-12-11 14:24:26Z - 404bcdf7-2453-4bd6-9e9c-d311fb7d439b] Checking client info returned from the server..
DEBUG: False MSAL 4.49.1.0 MSAL.NetCore .NET 8.0.0 Microsoft Windows 10.0.22631 [2023-12-11 14:24:26Z - 404bcdf7-2453-4bd6-9e9c-d311fb7d439b] Saving token response to cache..
DEBUG: False MSAL 4.49.1.0 MSAL.NetCore .NET 8.0.0 Microsoft Windows 10.0.22631 [2023-12-11 14:24:26Z - 404bcdf7-2453-4bd6-9e9c-d311fb7d439b] [Region discovery] Not using a regional authority.
DEBUG: False MSAL 4.49.1.0 MSAL.NetCore .NET 8.0.0 Microsoft Windows 10.0.22631 [2023-12-11 14:24:26Z - 404bcdf7-2453-4bd6-9e9c-d311fb7d439b] [SaveTokenResponseAsync] Saving AT in cache and removing overlapping ATs...
DEBUG: False MSAL 4.49.1.0 MSAL.NetCore .NET 8.0.0 Microsoft Windows 10.0.22631 [2023-12-11 14:24:26Z - 404bcdf7-2453-4bd6-9e9c-d311fb7d439b] Looking for scopes for the authority in the cache which intersect with https://management.core.windows.net//.default
DEBUG: False MSAL 4.49.1.0 MSAL.NetCore .NET 8.0.0 Microsoft Windows 10.0.22631 [2023-12-11 14:24:26Z - 404bcdf7-2453-4bd6-9e9c-d311fb7d439b] Intersecting scope entries count - 1
DEBUG: False MSAL 4.49.1.0 MSAL.NetCore .NET 8.0.0 Microsoft Windows 10.0.22631 [2023-12-11 14:24:26Z - 404bcdf7-2453-4bd6-9e9c-d311fb7d439b] Matching entries after filtering by user - 1
DEBUG: False MSAL 4.49.1.0 MSAL.NetCore .NET 8.0.0 Microsoft Windows 10.0.22631 [2023-12-11 14:24:26Z - 404bcdf7-2453-4bd6-9e9c-d311fb7d439b] [SaveTokenResponseAsync] Saving Id Token and Account in cache ...
DEBUG: False MSAL 4.49.1.0 MSAL.NetCore .NET 8.0.0 Microsoft Windows 10.0.22631 [2023-12-11 14:24:26Z - 404bcdf7-2453-4bd6-9e9c-d311fb7d439b] [SaveTokenResponseAsync] Saving RT in cache...
DEBUG: False MSAL 4.49.1.0 MSAL.NetCore .NET 8.0.0 Microsoft Windows 10.0.22631 [2023-12-11 14:24:26Z - 404bcdf7-2453-4bd6-9e9c-d311fb7d439b] IsLegacyAdalCacheEnabled: yes
DEBUG: False MSAL 4.49.1.0 MSAL.NetCore .NET 8.0.0 Microsoft Windows 10.0.22631 [2023-12-11 14:24:26Z - 404bcdf7-2453-4bd6-9e9c-d311fb7d439b] Not writing FRT in ADAL legacy cache.
DEBUG: False MSAL 4.49.1.0 MSAL.NetCore .NET 8.0.0 Microsoft Windows 10.0.22631 [2023-12-11 14:24:26Z - 404bcdf7-2453-4bd6-9e9c-d311fb7d439b]
        === Token Acquisition finished successfully:
DEBUG: False MSAL 4.49.1.0 MSAL.NetCore .NET 8.0.0 Microsoft Windows 10.0.22631 [2023-12-11 14:24:26Z - 404bcdf7-2453-4bd6-9e9c-d311fb7d439b]  AT expiration time: 12/11/2023 3:46:23 PM +00:00, scopes: https://management.core.windows.net//user_impersonation https://management.core.windows.net//.default. source: IdentityProvider
DEBUG: False MSAL 4.49.1.0 MSAL.NetCore .NET 8.0.0 Microsoft Windows 10.0.22631 [2023-12-11 14:24:26Z - 404bcdf7-2453-4bd6-9e9c-d311fb7d439b] Fetched access token from host login.microsoftonline.com.
DEBUG: SharedTokenCacheCredential.GetToken succeeded. Scopes: [ https://management.core.windows.net//.default ] ParentRequestId:  ExpiresOn: 2023-12-11T15:46:23.5337916+00:00

DEBUG: 9:24:26 AM - [ConfigManager] Got nothing from [DisplayRegionIdentified], Module = [], Cmdlet = []. Returning default value [True].
DEBUG: 9:24:26 AM - [ConfigManager] Got nothing from [CheckForUpgrade], Module = [], Cmdlet = []. Returning default value [True].
DEBUG: AzureQoSEvent:  Module: Az.Accounts:2.13.2; CommandName: Connect-AzAccount; PSVersion: 7.4.0; IsSuccess: True; Duration: 00:00:06.7106677
DEBUG: 9:24:26 AM - [ConfigManager] Got nothing from [EnableDataCollection], Module = [], Cmdlet = []. Returning default value [True].
DEBUG: 9:24:26 AM - ConnectAzureRmAccountCommand end processing.
DEBUG: 9:24:26 AM - ConnectAzureRmAccountCommand begin processing with ParameterSet 'UserWithSubscriptionId'.
DEBUG: 9:24:26 AM - [ConfigManager] Got nothing from [DisplayBreakingChangeWarning], Module = [], Cmdlet = []. Returning default value [True].
DEBUG: 9:24:26 AM - [ConfigManager] Got nothing from [DefaultSubscriptionForLogin], Module = [], Cmdlet = []. Returning default value [].
DEBUG: 9:24:26 AM - Autosave setting from startup session: 'CurrentUser'
DEBUG: 9:24:26 AM - No autosave setting detected in environment variable 'AzContextAutoSave'.
DEBUG: 9:24:26 AM - Using Autosave scope 'CurrentUser'
DEBUG: 9:24:26 AM - [InteractiveUserAuthenticator] Calling InteractiveBrowserCredential.AuthenticateAsync with TenantId:'', Scopes:'https://management.core.windows.net//.default', AuthorityHost:'https://login.microsoftonline.com/', RedirectUri:'http://localhost:8400/'
DEBUG: InteractiveBrowserCredential.Authenticate invoked. Scopes: [ https://management.core.windows.net//.default ] ParentRequestId:
DEBUG: Executing interactive authentication workflow inline.
DEBUG: False MSAL 4.49.1.0 MSAL.NetCore .NET 8.0.0 Microsoft Windows 10.0.22631 [2023-12-11 14:24:26Z - 38f71262-ec6f-4801-90c5-4f63c061d0f3] MSAL MSAL.NetCore with assembly version '4.49.1.0'. CorrelationId(38f71262-ec6f-4801-90c5-4f63c061d0f3)
DEBUG: False MSAL 4.49.1.0 MSAL.NetCore .NET 8.0.0 Microsoft Windows 10.0.22631 [2023-12-11 14:24:26Z - 38f71262-ec6f-4801-90c5-4f63c061d0f3] === InteractiveParameters Data ===
LoginHint provided: False
User provided: False
UseEmbeddedWebView: NotSpecified
ExtraScopesToConsent:
Prompt: select_account
HasCustomWebUi: False

DEBUG: False MSAL 4.49.1.0 MSAL.NetCore .NET 8.0.0 Microsoft Windows 10.0.22631 [2023-12-11 14:24:26Z - 38f71262-ec6f-4801-90c5-4f63c061d0f3]
=== Request Data ===
Authority Provided? - True
Scopes - https://management.core.windows.net//.default
Extra Query Params Keys (space separated) -
ApiId - AcquireTokenInteractive
IsConfidentialClient - False
SendX5C - False
LoginHint ? False
IsBrokerConfigured - False
HomeAccountId - False
CorrelationId - 38f71262-ec6f-4801-90c5-4f63c061d0f3
UserAssertion set: False
LongRunningOboCacheKey set: False
Region configured:

DEBUG: False MSAL 4.49.1.0 MSAL.NetCore .NET 8.0.0 Microsoft Windows 10.0.22631 [2023-12-11 14:24:26Z - 38f71262-ec6f-4801-90c5-4f63c061d0f3] === Token Acquisition (InteractiveRequest) started:
         Scopes: https://management.core.windows.net//.default
        Authority Host: login.microsoftonline.com
DEBUG: False MSAL 4.49.1.0 MSAL.NetCore .NET 8.0.0 Microsoft Windows 10.0.22631 [2023-12-11 14:24:26Z - 38f71262-ec6f-4801-90c5-4f63c061d0f3] [Instance Discovery] Instance discovery is enabled and will be performed
DEBUG: False MSAL 4.49.1.0 MSAL.NetCore .NET 8.0.0 Microsoft Windows 10.0.22631 [2023-12-11 14:24:26Z - 38f71262-ec6f-4801-90c5-4f63c061d0f3] [Region discovery] Not using a regional authority.
DEBUG: False MSAL 4.49.1.0 MSAL.NetCore .NET 8.0.0 Microsoft Windows 10.0.22631 [2023-12-11 14:24:26Z - 38f71262-ec6f-4801-90c5-4f63c061d0f3] Using system browser.
DEBUG: False MSAL 4.49.1.0 MSAL.NetCore .NET 8.0.0 Microsoft Windows 10.0.22631 [2023-12-11 14:24:26Z - 38f71262-ec6f-4801-90c5-4f63c061d0f3] Listening for authorization code on http://localhost:8400/
DEBUG: False MSAL 4.49.1.0 MSAL.NetCore .NET 8.0.0 Microsoft Windows 10.0.22631 [2023-12-11 14:24:27Z - 38f71262-ec6f-4801-90c5-4f63c061d0f3] Default OS Browser intercepted an Uri with an error: authentication_failed The authorization server returned an invalid response.
DEBUG: False MSAL 4.49.1.0 MSAL.NetCore .NET 8.0.0 Microsoft Windows 10.0.22631 [2023-12-11 14:24:27Z - 38f71262-ec6f-4801-90c5-4f63c061d0f3] Processing a response message to the browser. HttpStatus:OK
DEBUG: False MSAL 4.49.1.0 MSAL.NetCore .NET 8.0.0 Microsoft Windows 10.0.22631 [2023-12-11 14:24:27Z - 38f71262-ec6f-4801-90c5-4f63c061d0f3] Exception type: Microsoft.Identity.Client.MsalClientException
, ErrorCode: loopback_response_uri_mismatch

   at Microsoft.Identity.Client.Platforms.Shared.Desktop.OsBrowser.DefaultOsBrowserWebUi.AcquireAuthorizationAsync(Uri authorizationUri, Uri redirectUri, RequestContext requestContext, CancellationToken cancellationToken)
   at Microsoft.Identity.Client.Internal.AuthCodeRequestComponent.FetchAuthCodeAndPkceInternalAsync(IWebUI webUi, CancellationToken cancellationToken)
   at Microsoft.Identity.Client.Internal.AuthCodeRequestComponent.FetchAuthCodeAndPkceVerifierAsync(CancellationToken cancellationToken)
   at Microsoft.Identity.Client.Internal.Requests.InteractiveRequest.GetTokenResponseAsync(CancellationToken cancellationToken)
   at Microsoft.Identity.Client.Internal.Requests.InteractiveRequest.ExecuteAsync(CancellationToken cancellationToken)
   at Microsoft.Identity.Client.Internal.Requests.RequestBase.RunAsync(CancellationToken cancellationToken)
DEBUG: InteractiveBrowserCredential.Authenticate was unable to retrieve an access token. Scopes: [ https://management.core.windows.net//.default ] ParentRequestId:  Exception: Azure.Identity.AuthenticationFailedException (0x80131500): InteractiveBrowserCredential authentication failed: Redirect Uri mismatch.  Expected (/favicon.ico) Actual (/).
 ---> Microsoft.Identity.Client.MsalClientException (0x80131500): Redirect Uri mismatch.  Expected (/favicon.ico) Actual (/).
WARNING: Unable to acquire token for tenant 'organizations' with error 'InteractiveBrowserCredential authentication failed: Redirect Uri mismatch.  Expected (/favicon.ico) Actual (/). '
DEBUG: 9:24:27 AM - Unable to acquire token for tenant 'organizations' with error 'Azure.Identity.AuthenticationFailedException: InteractiveBrowserCredential authentication failed: Redirect Uri mismatch.  Expected (/favicon.ico) Actual (/).
 ---> MSAL.NetCore.4.49.1.0.MsalClientException:
        ErrorCode: loopback_response_uri_mismatch
Microsoft.Identity.Client.MsalClientException: Redirect Uri mismatch.  Expected (/favicon.ico) Actual (/).
   at Microsoft.Identity.Client.Platforms.Shared.Desktop.OsBrowser.DefaultOsBrowserWebUi.AcquireAuthorizationAsync(Uri authorizationUri, Uri redirectUri, RequestContext requestContext, CancellationToken cancellationToken)
   at Microsoft.Identity.Client.Internal.AuthCodeRequestComponent.FetchAuthCodeAndPkceInternalAsync(IWebUI webUi, CancellationToken cancellationToken)
   at Microsoft.Identity.Client.Internal.AuthCodeRequestComponent.FetchAuthCodeAndPkceVerifierAsync(CancellationToken cancellationToken)
   at Microsoft.Identity.Client.Internal.Requests.InteractiveRequest.GetTokenResponseAsync(CancellationToken cancellationToken)
   at Microsoft.Identity.Client.Internal.Requests.InteractiveRequest.ExecuteAsync(CancellationToken cancellationToken)
   at Microsoft.Identity.Client.Internal.Requests.RequestBase.RunAsync(CancellationToken cancellationToken)
   at Microsoft.Identity.Client.ApiConfig.Executors.PublicClientExecutor.ExecuteAsync(AcquireTokenCommonParameters commonParameters, AcquireTokenInteractiveParameters interactiveParameters, CancellationToken cancellationToken)
   at Azure.Identity.AbstractAcquireTokenParameterBuilderExtensions.ExecuteAsync[T](AbstractAcquireTokenParameterBuilder`1 builder, Boolean async, CancellationToken cancellationToken)
   at Azure.Identity.MsalPublicClient.AcquireTokenInteractiveCoreAsync(String[] scopes, String claims, Prompt prompt, String loginHint, String tenantId, Boolean async, CancellationToken cancellationToken)
   at Azure.Identity.MsalPublicClient.AcquireTokenInteractiveAsync(String[] scopes, String claims, Prompt prompt, String loginHint, String tenantId, Boolean async, CancellationToken cancellationToken)
   at Azure.Identity.InteractiveBrowserCredential.GetTokenViaBrowserLoginAsync(TokenRequestContext context, Boolean async, CancellationToken cancellationToken)
   at Azure.Identity.InteractiveBrowserCredential.AuthenticateImplAsync(Boolean async, TokenRequestContext requestContext, CancellationToken cancellationToken)
   --- End of inner exception stack trace ---
   at Azure.Identity.CredentialDiagnosticScope.FailWrapAndThrow(Exception ex, String additionalMessage)
   at Azure.Identity.InteractiveBrowserCredential.AuthenticateImplAsync(Boolean async, TokenRequestContext requestContext, CancellationToken cancellationToken)
   at Azure.Identity.InteractiveBrowserCredential.AuthenticateAsync(TokenRequestContext requestContext, CancellationToken cancellationToken)
   at Microsoft.Azure.PowerShell.Authenticators.MsalAccessToken.GetAccessTokenAsync(Task`1 authTask, TokenCredential tokenCredential, TokenRequestContext requestContext, CancellationToken cancellationToken)
   at Microsoft.Azure.Commands.Common.Authentication.Factories.AuthenticationFactory.Authenticate(IAzureAccount account, IAzureEnvironment environment, String tenant, SecureString password, String promptBehavior, Action`1 promptAction, IAzureTokenCache tokenCache, String resourceId)
   at Microsoft.Azure.Commands.ResourceManager.Common.RMProfileClient.AcquireAccessToken(IAzureAccount account, IAzureEnvironment environment, String tenantId, SecureString password, String promptBehavior, Action`1 promptAction, String resourceId)
   at Microsoft.Azure.Commands.ResourceManager.Common.RMProfileClient.ListAccountTenants(IAzureAccount account, IAzureEnvironment environment, SecureString password, String promptBehavior, Action`1 promptAction)'
WARNING: Please run 'Connect-AzAccount -DeviceCode' if browser is not supported in this session.
DEBUG: Azure.Identity.AuthenticationFailedException: InteractiveBrowserCredential authentication failed: Redirect Uri mismatch.  Expected (/favicon.ico) Actual (/).
 ---> MSAL.NetCore.4.49.1.0.MsalClientException:
        ErrorCode: loopback_response_uri_mismatch
Microsoft.Identity.Client.MsalClientException: Redirect Uri mismatch.  Expected (/favicon.ico) Actual (/).
   at Microsoft.Identity.Client.Platforms.Shared.Desktop.OsBrowser.DefaultOsBrowserWebUi.AcquireAuthorizationAsync(Uri authorizationUri, Uri redirectUri, RequestContext requestContext, CancellationToken cancellationToken)
   at Microsoft.Identity.Client.Internal.AuthCodeRequestComponent.FetchAuthCodeAndPkceInternalAsync(IWebUI webUi, CancellationToken cancellationToken)
   at Microsoft.Identity.Client.Internal.AuthCodeRequestComponent.FetchAuthCodeAndPkceVerifierAsync(CancellationToken cancellationToken)
   at Microsoft.Identity.Client.Internal.Requests.InteractiveRequest.GetTokenResponseAsync(CancellationToken cancellationToken)
   at Microsoft.Identity.Client.Internal.Requests.InteractiveRequest.ExecuteAsync(CancellationToken cancellationToken)
   at Microsoft.Identity.Client.Internal.Requests.RequestBase.RunAsync(CancellationToken cancellationToken)
   at Microsoft.Identity.Client.ApiConfig.Executors.PublicClientExecutor.ExecuteAsync(AcquireTokenCommonParameters commonParameters, AcquireTokenInteractiveParameters interactiveParameters, CancellationToken cancellationToken)
   at Azure.Identity.AbstractAcquireTokenParameterBuilderExtensions.ExecuteAsync[T](AbstractAcquireTokenParameterBuilder`1 builder, Boolean async, CancellationToken cancellationToken)
   at Azure.Identity.MsalPublicClient.AcquireTokenInteractiveCoreAsync(String[] scopes, String claims, Prompt prompt, String loginHint, String tenantId, Boolean async, CancellationToken cancellationToken)
   at Azure.Identity.MsalPublicClient.AcquireTokenInteractiveAsync(String[] scopes, String claims, Prompt prompt, String loginHint, String tenantId, Boolean async, CancellationToken cancellationToken)
   at Azure.Identity.InteractiveBrowserCredential.GetTokenViaBrowserLoginAsync(TokenRequestContext context, Boolean async, CancellationToken cancellationToken)
   at Azure.Identity.InteractiveBrowserCredential.AuthenticateImplAsync(Boolean async, TokenRequestContext requestContext, CancellationToken cancellationToken)
   --- End of inner exception stack trace ---
   at Azure.Identity.CredentialDiagnosticScope.FailWrapAndThrow(Exception ex, String additionalMessage)
   at Azure.Identity.InteractiveBrowserCredential.AuthenticateImplAsync(Boolean async, TokenRequestContext requestContext, CancellationToken cancellationToken)
   at Azure.Identity.InteractiveBrowserCredential.AuthenticateAsync(TokenRequestContext requestContext, CancellationToken cancellationToken)
   at Microsoft.Azure.PowerShell.Authenticators.MsalAccessToken.GetAccessTokenAsync(Task`1 authTask, TokenCredential tokenCredential, TokenRequestContext requestContext, CancellationToken cancellationToken)
   at Microsoft.Azure.Commands.Common.Authentication.Factories.AuthenticationFactory.Authenticate(IAzureAccount account, IAzureEnvironment environment, String tenant, SecureString password, String promptBehavior, Action`1 promptAction, IAzureTokenCache tokenCache, String resourceId)
   at Microsoft.Azure.Commands.ResourceManager.Common.RMProfileClient.AcquireAccessToken(IAzureAccount account, IAzureEnvironment environment, String tenantId, SecureString password, String promptBehavior, Action`1 promptAction, String resourceId)
   at Microsoft.Azure.Commands.ResourceManager.Common.RMProfileClient.ListAccountTenants(IAzureAccount account, IAzureEnvironment environment, SecureString password, String promptBehavior, Action`1 promptAction)
   at Microsoft.Azure.Commands.ResourceManager.Common.RMProfileClient.Login(IAzureAccount account, IAzureEnvironment environment, String tenantIdOrName, String subscriptionId, String subscriptionName, SecureString password, Boolean skipValidation, IOpenIDConfiguration openIDConfigDoc, Action`1 promptAction, String name, Boolean shouldPopulateContextList, Int32 maxContextPopulation, String authScope)
   at Microsoft.Azure.Commands.Profile.ConnectAzureRmAccountCommand.<>c__DisplayClass127_2.<ExecuteCmdlet>b__5()
   at System.Threading.Tasks.Task`1.InnerInvoke()
   at System.Threading.ExecutionContext.RunFromThreadPoolDispatchLoop(Thread threadPoolThread, ExecutionContext executionContext, ContextCallback callback, Object state)
--- End of stack trace from previous location ---
   at System.Threading.ExecutionContext.RunFromThreadPoolDispatchLoop(Thread threadPoolThread, ExecutionContext executionContext, ContextCallback callback, Object state)
   at System.Threading.Tasks.Task.ExecuteWithThreadLocal(Task& currentTaskSlot, Thread threadPoolThread)
--- End of stack trace from previous location ---
   at Microsoft.Azure.Commands.Profile.ConnectAzureRmAccountCommand.<>c__DisplayClass127_1.<ExecuteCmdlet>b__1(AzureRmProfile localProfile, RMProfileClient profileClient, String name)
DEBUG: 9:24:27 AM - [ConfigManager] Got nothing from [DisableErrorRecordsPersistence], Module = [], Cmdlet = []. Returning default value [False].
DEBUG: 9:24:27 AM - [ConfigManager] Got nothing from [EnableDataCollection], Module = [], Cmdlet = []. Returning default value [True].
Account            SubscriptionName TenantId                             Environment
-------            ---------------- --------                             -----------
user@example.com Production       REDACTED-TENANTID AzureCloud
Connect-AzAccount: InteractiveBrowserCredential authentication failed: Redirect Uri mismatch.  Expected (/favicon.ico) Actual (/).
DEBUG: 9:24:27 AM - [ConfigManager] Got nothing from [DisplayBreakingChangeWarning], Module = [], Cmdlet = []. Returning default value [True].
DEBUG: 9:24:27 AM - [ConfigManager] Got nothing from [DisplayRegionIdentified], Module = [], Cmdlet = []. Returning default value [True].
DEBUG: 9:24:27 AM - [ConfigManager] Got nothing from [CheckForUpgrade], Module = [], Cmdlet = []. Returning default value [True].
DEBUG: AzureQoSEvent:  Module: Az.Accounts:2.13.2; CommandName: Connect-AzAccount; PSVersion: 7.4.0; IsSuccess: False; Duration: 00:00:00.4563340; Exception: InteractiveBrowserCredential authentication failed: Redirect Uri mismatch.  Expected (/favicon.ico) Actual (/). ;
DEBUG: 9:24:27 AM - ConnectAzureRmAccountCommand end processing.

[isra-fel]

Thanks for your thorough investigation @elliot-huffman We will look into it. cc @msJinLei we should also consider: (a) can Azure.Identity (or MSAL) handle ports for us so we don't have to (b) Azure Stack

[isra-fel]

BTW @elliot-huffman could you share the real-world scenario of continuously Connect-AzAccount? We would like to understand the context. Thanks.

[elliot-huffman]

Sure, we have a multi-tenant reporting system for service configurations (Azure Rest, Graph API, and SCC), the login sequence first logs into the tenant that contains an Azure SQL DB that will store the reports, and then acquires an access token.
The system then disconnects the AZ session then proceeds to log into the secondary (any arbitrary) tenant (which could be different every time). The rest of the process takes place in the secondary tenant and usually takes less than an hour to run so the access token for the first tenant never expires and can be used throughout.

We call them in two short succession, we specifically fire the second one off right after we have the AzSQL DB's access token, which is a very fast process and the user usually doesn't have the tab closed before the second authentication process kicks off.

[elliot-huffman]

Any Updates?

[AnthonyDiazOCR]

Any update to this issue? I'm seeing the exact same problem. In my case, there is another process that already uses port 8400 as a default port. This is controlled by the enterprise team, so it is very difficult to justify changing configurations for tens of thousands of computers for some people that need to log in through this method.