Open
Description
Description
When using the following Azure PowerShell commands:
- Set-AzSynapseSqlActiveDirectoryAdministrator
- Get-AzRoleAssignment
- New-AzRoleAssignment
In certain Azure tenants, these commands fail with the following error message:
Example
PS C:\Users\u> Get-AzRoleAssignment -ObjectId '0000' -Scope "/"
Get-AzRoleAssignment: Your Azure credentials have not been set up or have expired, please run Connect-AzAccount to set up your Azure credentials.
Authentication failed against resource MicrosoftGraphEndpointResourceId. User interaction is required. This may be due to the conditional access policy settings such as multi-factor authentication (MFA). Please rerun 'Connect-AzAccount' with additional parameter '-AuthScope MicrosoftGraphEndpointResourceId'.
PS C:\Users\u> New-AzRoleAssignment -ObjectId '00000' -RoleDefinitionName "Managed HSM Administrator" -Scope "/"
New-AzRoleAssignment: Your Azure credentials have not been set up or have expired, please run Connect-AzAccount to set up your Azure credentials.
Authentication failed against resource MicrosoftGraphEndpointResourceId. User interaction is required. This may be due to the conditional access policy settings such as multi-factor authentication (MFA). Please rerun 'Connect-AzAccount' with additional parameter '-AuthScope MicrosoftGraphEndpointResourceId'.
PS C:\Users\u> Set-AzSynapseSqlActiveDirectoryAdministrator -ResourceGroupName "rg" -WorkspaceName "xx" -DisplayName 'xxx'
Set-AzSynapseSqlActiveDirectoryAdministrator: Your Azure credentials have not been set up or have expired, please run Connect-AzAccount to set up your Azure credentials.
Authentication failed against resource MicrosoftGraphEndpointResourceId. User interaction is required. This may be due to the conditional access policy settings such as multi-factor authentication (MFA). Please rerun 'Connect-AzAccount' with additional parameter '-AuthScope MicrosoftGraphEndpointResourceId'.Issue script & Debug output
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 9.0.4 Microsoft Windows 10.0.26100 [2025-06-20 02:51:14Z - b605599e-c610-48c0-920a-992a6904c401] === Token Acquisition (SilentRequest) started:
Scopes: https://graph.microsoft.com//.default
Authority Host: login.microsoftonline.com
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 9.0.4 Microsoft Windows 10.0.26100 [2025-06-20 02:51:14Z] [Internal cache] Clearing user token cache accessor.
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 9.0.4 Microsoft Windows 10.0.26100 [2025-06-20 02:51:14Z - b605599e-c610-48c0-920a-992a6904c401] [Internal cache] Total number of cache partitions found while getting access tokens: 1
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 9.0.4 Microsoft Windows 10.0.26100 [2025-06-20 02:51:14Z - b605599e-c610-48c0-920a-992a6904c401] [FindAccessTokenAsync] Discovered 4 access tokens in cache using partition key: ObjectId.TenantId
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 9.0.4 Microsoft Windows 10.0.26100 [2025-06-20 02:51:14Z - b605599e-c610-48c0-920a-992a6904c401] [Region discovery] Not using a regional authority.
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 9.0.4 Microsoft Windows 10.0.26100 [2025-06-20 02:51:14Z] [Internal cache] Total number of cache partitions found while getting refresh tokens: 1
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 9.0.4 Microsoft Windows 10.0.26100 [2025-06-20 02:51:14Z - b605599e-c610-48c0-920a-992a6904c401] [FindRefreshTokenAsync] Discovered 1 refresh tokens in cache using key: ObjectId.TenantId
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 9.0.4 Microsoft Windows 10.0.26100 [2025-06-20 02:51:14Z - b605599e-c610-48c0-920a-992a6904c401] [Region discovery] Not using a regional authority.
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 9.0.4 Microsoft Windows 10.0.26100 [2025-06-20 02:51:14Z - b605599e-c610-48c0-920a-992a6904c401] [FindRefreshTokenAsync] Refresh token found in the cache? - True
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 9.0.4 Microsoft Windows 10.0.26100 [2025-06-20 02:51:14Z - b605599e-c610-48c0-920a-992a6904c401] [Instance Discovery] Instance discovery is enabled and will be performed
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 9.0.4 Microsoft Windows 10.0.26100 [2025-06-20 02:51:14Z - b605599e-c610-48c0-920a-992a6904c401] [Region discovery] Not using a regional authority.
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 9.0.4 Microsoft Windows 10.0.26100 [2025-06-20 02:51:14Z - b605599e-c610-48c0-920a-992a6904c401] [Throttling] Entry found. Creation: 2025/6/20 2:49:01 +00:00 Expiration: 2025/6/20 2:51:01 +00:00
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 9.0.4 Microsoft Windows 10.0.26100 [2025-06-20 02:51:14Z - b605599e-c610-48c0-920a-992a6904c401] [Throttling] Removing entry because it is expired
DEBUG: Request [16ce76b2-4b1d-4f16-89af-0fe40e95c398] POST https://login.microsoftonline.com/TenantId/oauth2/v2.0/token
x-client-SKU:REDACTED
x-client-Ver:REDACTED
x-client-OS:REDACTED
x-anchormailbox:REDACTED
x-client-current-telemetry:REDACTED
x-ms-lib-capability:REDACTED
client-request-id:REDACTED
return-client-request-id:REDACTED
Content-Type:application/x-www-form-urlencoded
x-ms-client-request-id:16ce76b2-4b1d-4f16-89af-0fe40e95c398
x-ms-return-client-request-id:true
User-Agent:azsdk-net-Identity/1.13.0 (.NET 9.0.4; Microsoft Windows 10.0.26100)
client assembly: Azure.Identity
DEBUG: Error response [16ce76b2-4b1d-4f16-89af-0fe40e95c398] 400 Bad Request (00.6s)
Cache-Control:no-store, no-cache
Pragma:no-cache
Strict-Transport-Security:REDACTED
X-Content-Type-Options:REDACTED
P3P:REDACTED
client-request-id:REDACTED
x-ms-request-id:2820d5b8-690c-444a-b4f9-866d5cc60300
x-ms-ests-server:REDACTED
x-ms-clitelem:REDACTED
x-ms-srs:REDACTED
Content-Security-Policy-Report-Only:REDACTED
X-XSS-Protection:REDACTED
Set-Cookie:REDACTED
Date:Fri, 20 Jun 2025 02:51:16 GMT
Content-Type:application/json; charset=utf-8
Expires:-1
Content-Length:529
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 9.0.4 Microsoft Windows 10.0.26100 [2025-06-20 02:51:15Z - b605599e-c610-48c0-920a-992a6904c401] Response status code does not indicate success: 400 (BadRequest).
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 9.0.4 Microsoft Windows 10.0.26100 [2025-06-20 02:51:15Z - b605599e-c610-48c0-920a-992a6904c401] Request retry failed.
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 9.0.4 Microsoft Windows 10.0.26100 [2025-06-20 02:51:15Z - b605599e-c610-48c0-920a-992a6904c401] HttpStatusCode: 400: BadRequest
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 9.0.4 Microsoft Windows 10.0.26100 [2025-06-20 02:51:15Z - b605599e-c610-48c0-920a-992a6904c401] === Token Acquisition (1007) failed.
Host: login.microsoftonline.com.
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 9.0.4 Microsoft Windows 10.0.26100 [2025-06-20 02:51:15Z - b605599e-c610-48c0-920a-992a6904c401] Exception type: Microsoft.Identity.Client.MsalUiRequiredException
, ErrorCode: invalid_grant
HTTP StatusCode 400
CorrelationId b605599e-c610-48c0-920a-992a6904c401
Microsoft Entra ID Error Code AADSTS530084
To see full exception details, enable PII Logging. See https://aka.ms/msal-net-logging
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 9.0.4 Microsoft Windows 10.0.26100 [2025-06-20 02:51:15Z - b605599e-c610-48c0-920a-992a6904c401] [Throttling] MsalUiRequiredException encountered - throttling for 120 seconds.
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 9.0.4 Microsoft Windows 10.0.26100 [2025-06-20 02:51:15Z] [Internal cache] Total number of cache partitions found while getting refresh tokens: 1
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 9.0.4 Microsoft Windows 10.0.26100 [2025-06-20 02:51:15Z - b605599e-c610-48c0-920a-992a6904c401] [FindRefreshTokenAsync] Discovered 1 refresh tokens in cache using key: ObjectId.TenantId
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 9.0.4 Microsoft Windows 10.0.26100 [2025-06-20 02:51:15Z - b605599e-c610-48c0-920a-992a6904c401] [Region discovery] Not using a regional authority.
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 9.0.4 Microsoft Windows 10.0.26100 [2025-06-20 02:51:15Z - b605599e-c610-48c0-920a-992a6904c401] [FindRefreshTokenAsync] Refresh token found in the cache? - False
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 9.0.4 Microsoft Windows 10.0.26100 [2025-06-20 02:51:15Z - b605599e-c610-48c0-920a-992a6904c401] IsLegacyAdalCacheEnabled: yes
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 9.0.4 Microsoft Windows 10.0.26100 [2025-06-20 02:51:15Z - b605599e-c610-48c0-920a-992a6904c401] [Region discovery] Not using a regional authority.
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 9.0.4 Microsoft Windows 10.0.26100 [2025-06-20 02:51:15Z - b605599e-c610-48c0-920a-992a6904c401] Refreshing the RT failed. Is the exception retryable? False. Is there an AT in the cache that is usable? False
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 9.0.4 Microsoft Windows 10.0.26100 [2025-06-20 02:51:15Z - b605599e-c610-48c0-920a-992a6904c401] Failed to refresh the RT and cannot use existing AT (expired or missing).
DEBUG: False MSAL 4.65.0.0 MSAL.CoreCLR .NET 9.0.4 Microsoft Windows 10.0.26100 [2025-06-20 02:51:15Z - b605599e-c610-48c0-920a-992a6904c401] Exception type: Microsoft.Identity.Client.MsalUiRequiredException
, ErrorCode: no_tokens_found
HTTP StatusCode 0
CorrelationId b605599e-c610-48c0-920a-992a6904c401
To see full exception details, enable PII Logging. See https://aka.ms/msal-net-logging
at Microsoft.Identity.Client.Internal.Requests.Silent.SilentRequest.ExecuteAsync(CancellationToken cancellationToken)
at Microsoft.Identity.Client.Internal.Requests.RequestBase.<>c__DisplayClass11_1.<<RunAsync>b__1>d.MoveNext()
--- End of stack trace from previous location ---
at Microsoft.Identity.Client.Utils.StopwatchService.MeasureCodeBlockAsync(Func`1 codeBlock)
at Microsoft.Identity.Client.Internal.Requests.RequestBase.RunAsync(CancellationToken cancellationToken)
DEBUG: SharedTokenCacheCredential.GetToken was unable to retrieve an access token. Scopes: [ https://graph.microsoft.com//.default ] ParentRequestId: Exception: Azure.Identity.CredentialUnavailableException (0x80131500): SharedTokenCacheCredential authentication unavailable. Token acquisition failed for user ??????@microsoft.com. Ensure that you have authenticated with a developer tool that supports Azure single sign on.
---> Microsoft.Identity.Client.MsalUiRequiredException (0x80131500): No Refresh Token found in the cache.
DEBUG: [Common.Authentication]: Received exception Authentication failed against resource MicrosoftGraphEndpointResourceId. User interaction is required. This may be due to the conditional access policy settings such as multi-factor authentication (MFA). Please rerun 'Connect-AzAccount' with additional parameter '-AuthScope MicrosoftGraphEndpointResourceId'., while authenticating.
DEBUG: 10:51:15 - [ConfigManager] Got nothing from [EnableErrorRecordsPersistence], Module = [Az.Synapse], Cmdlet = [Set-AzSynapseSqlActiveDirectoryAdministrator]. Returning default value [False].
Set-AzSynapseSqlActiveDirectoryAdministrator: Your Azure credentials have not been set up or have expired, please run Connect-AzAccount to set up your Azure credentials.
Authentication failed against resource MicrosoftGraphEndpointResourceId. User interaction is required. This may be due to the conditional access policy settings such as multi-factor authentication (MFA). Please rerun 'Connect-AzAccount' with additional parameter '-AuthScope MicrosoftGraphEndpointResourceId'.
DEBUG: 10:51:15 - [ConfigManager] Got nothing from [DisplayBreakingChangeWarning], Module = [Az.Synapse], Cmdlet = [Set-AzSynapseSqlActiveDirectoryAdministrator]. Returning default value [True].
DEBUG: 10:51:15 - [ConfigManager] Got nothing from [DisplayRegionIdentified], Module = [], Cmdlet = []. Returning default value [True].
DEBUG: 10:51:15 - [ConfigManager] Got nothing from [CheckForUpgrade], Module = [], Cmdlet = []. Returning default value [True].
DEBUG: 10:51:15 - No authentication telemetry is found for the current cmdlet with Id 499cde50-141c-4b05-bca5-de1eefe5be3b.
DEBUG: AzureQoSEvent: Module: Az.Synapse:3.1.2; CommandName: Set-AzSynapseSqlActiveDirectoryAdministrator; PSVersion: 7.5.1; IsSuccess: False; Duration: 00:00:02.9433357; SanitizeDuration: 00:00:00; Exception: Your Azure credentials have not been set up or have expired, please run Connect-AzAccount to set up your Azure credentials.
Authentication failed against resource MicrosoftGraphEndpointResourceId. User interaction is required. This may be due to the conditional access policy settings such as multi-factor authentication (MFA). Please rerun 'Connect-AzAccount' with additional parameter '-AuthScope MicrosoftGraphEndpointResourceId'.;
DEBUG: 10:51:15 - [ConfigManager] Got [False] from [EnableDataCollection], Module = [], Cmdlet = [].
DEBUG: 10:51:15 - SetAzureSynapseSqlActiveDirectoryAdministrator end processing.Environment data
PS C:\Users\u> $PSVersionTable
Name Value
---- -----
PSVersion 7.5.1
PSEdition Core
GitCommitId 7.5.1
OS Microsoft Windows 10.0.26100
Platform Win32NT
PSCompatibleVersions {1.0, 2.0, 3.0, 4.0…}
PSRemotingProtocolVersion 2.3
SerializationVersion 1.1.0.1
WSManStackVersion 3.0Module versions
New-AzRoleAssignment
ModuleType Version PreRelease Name ExportedCommands
---------- ------- ---------- ---- ----------------
Script 5.1.0 Az.Accounts {Add-AzEnvironment, Clear-AzConfig, Clear-AzContext, Clear-AzDefault…}
Script 8.0.0 Az.Resources {Export-AzResourceGroup, Export-AzTemplateSpec, Get-AzDenyAssignment, Get-AzDeployment…}
Get-Module Az*
PS C:\Users\u> Get-Module Az*
ModuleType Version PreRelease Name ExportedCommands
---------- ------- ---------- ---- ----------------
Script 5.1.0 Az.Accounts {Add-AzEnvironment, Clear-AzConfig, Clear-AzContext, Clear-AzDefault…}
Script 6.1.0 Az.Aks {Disable-AzAksAddOn, Enable-AzAksAddOn, Get-AzAksCluster, Get-AzAksNodePool…}
Script 6.3.1 Az.KeyVault {Add-AzKeyVaultCertificate, Add-AzKeyVaultCertificateContact, Add-AzKeyVaultKey, Add-AzKeyVaultManagedStorageAccount…}
Script 8.0.0 Az.Resources {Export-AzResourceGroup, Export-AzTemplateSpec, Get-AzDenyAssignment, Get-AzDeployment…}
Script 3.1.2 Az.Synapse {Add-AzSynapseDataFlowDebugSessionPackage, Add-AzSynapseTriggerSubscription, Clear-AzSynapseSqlPoolVulnerabilityAssessmentRuleBaseline, Co…Error output
HistoryId: 16
Message : Your Azure credentials have not been set up or have expired, please run Connect-AzAccount to set up your Azure credentials.
Authentication failed against resource MicrosoftGraphEndpointResourceId. User interaction is required. This may be due to the conditional access policy settings such as multi-factor authentic
ation (MFA). Please rerun 'Connect-AzAccount' with additional parameter '-AuthScope MicrosoftGraphEndpointResourceId'.
StackTrace : at Microsoft.Azure.Commands.Common.Authentication.Factories.AuthenticationFactory.GetServiceClientCredentials(IAzureContext context, String targetEndpoint, String resourceId, ICmdletContex
t cmdletContext)
at Microsoft.Azure.Commands.Common.Authentication.Factories.AuthenticationFactory.GetServiceClientCredentials(IAzureContext context, String targetEndpoint, ICmdletContext cmdletContext)
at Microsoft.Azure.Commands.Common.Authentication.Factories.ClientFactory.CreateArmClient[TClient](IAzureContext context, String endpoint, ICmdletContext cmdletContext)
at Microsoft.Azure.Commands.Common.Authentication.Factories.ClientFactory.CreateArmClient[TClient](IAzureContext context, String endpoint)
at Microsoft.Azure.Commands.ActiveDirectory.ActiveDirectoryClient..ctor(IAzureContext context)
at Microsoft.Azure.Commands.Resources.Models.Authorization.AuthorizationClient..ctor(IAzureContext context)
at Microsoft.Azure.Commands.Resources.Models.ResourcesBaseCmdlet.get_PoliciesClient()
at Microsoft.Azure.Commands.Resources.NewAzureRoleAssignmentCommand.ExecuteCmdlet()
at Microsoft.WindowsAzure.Commands.Utilities.Common.CmdletExtensions.<>c__3`1.<ExecuteSynchronouslyOrAsJob>b__3_0(T c)
at Microsoft.WindowsAzure.Commands.Utilities.Common.CmdletExtensions.ExecuteSynchronouslyOrAsJob[T](T cmdlet, Action`1 executor)
at Microsoft.WindowsAzure.Commands.Utilities.Common.CmdletExtensions.ExecuteSynchronouslyOrAsJob[T](T cmdlet)
at Microsoft.WindowsAzure.Commands.Utilities.Common.AzurePSCmdlet.ProcessRecord()
Exception : Microsoft.Azure.Commands.Common.Exceptions.AzPSArgumentException
InvocationInfo : {New-AzRoleAssignment}
Line : New-AzRoleAssignment -ObjectId '00000' -RoleDefinitionName "Managed HSM Administrator" -Scope "/"
Position : At line:1 char:1
+ New-AzRoleAssignment -ObjectId '00000' -RoleDefinitionName "Manage …
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
HistoryId : 16
Message : Authentication failed against resource MicrosoftGraphEndpointResourceId. User interaction is required. This may be due to the conditional access policy settings such as multi-factor authentic
ation (MFA). Please rerun 'Connect-AzAccount' with additional parameter '-AuthScope MicrosoftGraphEndpointResourceId'.
StackTrace : at Microsoft.Azure.Commands.Common.Authentication.Factories.AuthenticationFactory.Authenticate(IAzureAccount account, IAzureEnvironment environment, String tenant, SecureString password, S
tring promptBehavior, Action`1 promptAction, IDictionary`2 optionalParameters)
at Microsoft.Azure.Commands.Common.Authentication.Factories.AuthenticationFactory.GetServiceClientCredentials(IAzureContext context, String targetEndpoint, String resourceId, ICmdletContex
t cmdletContext)
Exception : Microsoft.Azure.Commands.Common.Exceptions.AzPSAuthenticationFailedException
InvocationInfo : {New-AzRoleAssignment}
Line : New-AzRoleAssignment -ObjectId '00000' -RoleDefinitionName "Managed HSM Administrator" -Scope "/"
Position : At line:1 char:1
+ New-AzRoleAssignment -ObjectId '00000' -RoleDefinitionName "Manage …
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
HistoryId : 16
Message : SharedTokenCacheCredential authentication unavailable. Token acquisition failed for user v-yukunli@microsoft.com. Ensure that you have authenticated with a developer tool that supports Azure
single sign on.
StackTrace : at Azure.Identity.CredentialDiagnosticScope.FailWrapAndThrow(Exception ex, String additionalMessage, Boolean isCredentialUnavailable)
at Azure.Identity.SharedTokenCacheCredential.GetTokenImplAsync(Boolean async, TokenRequestContext requestContext, CancellationToken cancellationToken)
at Azure.Identity.SharedTokenCacheCredential.GetTokenAsync(TokenRequestContext requestContext, CancellationToken cancellationToken)
at Microsoft.Azure.PowerShell.Authenticators.MsalAccessToken.GetAccessTokenAsync(String callerClassName, String parametersLog, TokenCredential tokenCredential, TokenRequestContext requestC
ontext, CancellationToken cancellationToken, String tenantId, String userId, String homeAccountId)
at Microsoft.Azure.Commands.Common.Authentication.Factories.AuthenticationFactory.Authenticate(IAzureAccount account, IAzureEnvironment environment, String tenant, SecureString password, S
tring promptBehavior, Action`1 promptAction, IDictionary`2 optionalParameters)
Exception : Azure.Identity.CredentialUnavailableException
InvocationInfo : {New-AzRoleAssignment}
Line : New-AzRoleAssignment -ObjectId '00000' -RoleDefinitionName "Managed HSM Administrator" -Scope "/"
Position : At line:1 char:1
+ New-AzRoleAssignment -ObjectId '00000' -RoleDefinitionName "Manage …
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
HistoryId : 16
Message : No Refresh Token found in the cache.
StackTrace : at Microsoft.Identity.Client.Internal.Requests.Silent.SilentRequest.ExecuteAsync(CancellationToken cancellationToken)
at Microsoft.Identity.Client.Internal.Requests.RequestBase.<>c__DisplayClass11_1.<<RunAsync>b__1>d.MoveNext()
--- End of stack trace from previous location ---
at Microsoft.Identity.Client.Utils.StopwatchService.MeasureCodeBlockAsync(Func`1 codeBlock)
at Microsoft.Identity.Client.Internal.Requests.RequestBase.RunAsync(CancellationToken cancellationToken)
at Microsoft.Identity.Client.ApiConfig.Executors.ClientApplicationBaseExecutor.ExecuteAsync(AcquireTokenCommonParameters commonParameters, AcquireTokenSilentParameters silentParameters, Ca
ncellationToken cancellationToken)
at Azure.Identity.AbstractAcquireTokenParameterBuilderExtensions.ExecuteAsync[T](AbstractAcquireTokenParameterBuilder`1 builder, Boolean async, CancellationToken cancellationToken)
at Azure.Identity.MsalPublicClient.AcquireTokenSilentCoreAsync(String[] scopes, String claims, IAccount account, String tenantId, Boolean enableCae, TokenRequestContext context, Boolean as
ync, CancellationToken cancellationToken)
at Azure.Identity.MsalPublicClient.AcquireTokenSilentAsync(String[] scopes, String claims, IAccount account, String tenantId, Boolean enableCae, TokenRequestContext context, Boolean async,
CancellationToken cancellationToken)
at Azure.Identity.SharedTokenCacheCredential.GetTokenImplAsync(Boolean async, TokenRequestContext requestContext, CancellationToken cancellationToken)
Exception : Microsoft.Identity.Client.MsalUiRequiredException
InvocationInfo : {New-AzRoleAssignment}
Line : New-AzRoleAssignment -ObjectId '00000' -RoleDefinitionName "Managed HSM Administrator" -Scope "/"
Position : At line:1 char:1
+ New-AzRoleAssignment -ObjectId '00000' -RoleDefinitionName "Manage …
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
HistoryId : 16