azure-cli: `az login --use-device-code` fails: AADSTS70020: The provided value for the input parameter 'device_code' is not valid. This device code has expired.

This is autogenerated. Please review and update as needed.

Describe the bug

Command Name az login

Errors:

AADSTS70020: The provided value for the input parameter 'device_code' is not valid. This device code has expired.
Trace ID: a8f3578e-d4cb-44ac-91a8-64c1322d6f00
Correlation ID: ed438693-0685-4cfe-923e-b73b5cd759e5
Timestamp: 2022-05-03 08:56:46Z

To Reproduce:

Steps to reproduce the behavior. Note that argument values have been redacted, as they may contain sensitive information.

  • Put any pre-requisite steps here…
  • az login -t {} --use-device-code

Tried many times. Worked fine last week so I tried with 2.35.0. Same result.

Expected Behavior

Succesfull login. Or at least a device code that doesn’t expire after 1-5 seconds.

Environment Summary

Linux-5.17.5-arch1-1-x86_64-with-glibc2.35, Arch Linux
Python 3.10.4
Installer: 

azure-cli 2.36.0 and 2.35.0

Additional Context

About this issue

  • Original URL
  • State: closed
  • Created 2 years ago
  • Reactions: 4
  • Comments: 18 (6 by maintainers)

Most upvoted comments

This issue has been mitigated by AAD service team. Please retry az login --use-device-code and let us know if you can get unblocked.

No longer having issues! ✔️

We are working internally with ESTS team with highest priority. We will keep you updated in this GitHub issue.

This issue affected all client tools rather than Azure CLI and needs to be fixed by AAD service.

Judging from

x-ms-ests-server: 2.1.12651.9 - WEULR1 ProdSlices
x-ms-ests-server: 2.1.12651.9 - WEULR2 ProdSlices

This should be happening for westeurope. I will keep you updated as soon as there is any updates.

I saw an internal incident has already been opened for this issue. I will check with AAD team and let you know if there is any update.

Meanwhile, could you also run the command with -i which will show more info about the server?

$ curl -d 'client_id=04b07795-8ddb-461a-bbee-02f9e1bf7b46&scope=https%3A%2F%2Fmanagement.core.windows.net%2F%2F.default+offline_access+openid+profile' https://login.microsoftonline.com/organizations/oauth2/v2.0/devicecode -i
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache
Pragma: no-cache
Content-Type: application/json; charset=utf-8
Expires: -1
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
x-ms-request-id: e44170d4-f198-4612-bffd-864786490100
x-ms-ests-server: 2.1.12651.9 - KRSLR1 ProdSlices
X-XSS-Protection: 0
Set-Cookie: fpc=AjQrn3OX4ZpMrEh-DcSa_KN1eSrYAQAAAI4CA9oOAAAA; expires=Thu, 02-Jun-2022 11:01:34 GMT; path=/; secure; HttpOnly; SameSite=None
Set-Cookie: esctx=AQABAAAAAAD--DLA3VO7QrddgJg7Wevrbw5Gj3oEcz48n1UFHRDjhlPUW-VM6cAuMkNDQHDdJ2YFkDzcsbGEed3xwdN4LKO06EBt22_LPpLUVKEaB-1nBIU2D2uTZL-qSKzHMgVz0WI2vqjiORS7wR4yc-e-r69jljQArnK3EMI7bExXist-PhAmtYZ4p7E4yHX6O5g_9McgAA; domain=.login.microsoftonline.com; path=/; secure; HttpOnly; SameSite=None
Set-Cookie: x-ms-gateway-slice=estsfd; path=/; secure; samesite=none; httponly
Set-Cookie: stsservicecookie=estsfd; path=/; secure; samesite=none; httponly
Date: Tue, 03 May 2022 11:01:34 GMT
Content-Length: 473

{"user_code":"xxx","device_code":"xxx","verification_uri":"https://microsoft.com/devicelogin","expires_in":900,"interval":5,"message":"To sign in, use a web browser to open the page https://microsoft.com/devicelogin and enter the code xxx to authenticate."}