Is it possible authenticate both Connect-AzAccount and Connect-AzureAD using MFA with a single user login prompt?
Question
I set up a visual studio project template that runs setup scripts to automatically register an application and create application insights for the app. The problem is the app registration uses the AzureAD module while the application insights (and the resource group creation if needed) use the Az modules, so I end up needing to do
Connect-AzAccount
Connect-AzureAD
Which prompts the user for their login twice. Is there a way to use the auth from one to authenticate the other?
I've seen similar questions suggesting using get-credential but since my org has multi factor auth that wont work.
Other suggestions were to use a service principal but I don't want to store anything specific in the template and want the auth tied to the user.
I know the Az module has functionality similar to the AzureAD ( New-AzADApplication ) but there are a few things I can't figure out how to do. Specifically, set the applications permissions to sign in on Microsoft graph and set the application owner to the authenticated user. That is why i'm using the AzureAD module instead
1 answers
solution1
6 ACCPTED 2020-04-21 02:57:48
If you want to use the same session to connect Azure and Azure AD in PowerShell, please refer to the following script
Connect-AzAccount
$context=Get-AzContext
Connect-AzureAD -TenantId $context.Tenant.TenantId -AccountId $context.Account.Id
Get-AzureADUser
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.