azuredatastudio: Getting error while connecting to azure sql server. Error: Token retrival failed with an error. Open developer tools to view the error
- Azure Data Studio Version: 1.21.0 (macos)
Steps to Reproduce:
- followed below approach when i got this error
Token retrival failed with an error. Open developer tools to view the error
- Add connection type as Microsoft SQL Server
- Choose Authentication type as Azure Active Directory - Universal with MFA support
- Put Database name 4 Try to connect
I remember i started getting this issue once i changed my AAD password.
About this issue
- Original URL
- State: closed
- Created 4 years ago
- Reactions: 10
- Comments: 40 (4 by maintainers)
Same action and error I was able to work around by clearing files from C:\Users\{UserNameHere}\AppData\Roaming\azuredatastudio\Azure Accounts Then reloading the app. On first load got a blank error notification, second load OK then could connect to server
If you are on Mac, the path to the folder containing the files that should be deleted is:
~/Library/Application Support/azuredatastudio/Azure Accounts
on mac, the folder path is:
~/Library/Application Support/azuredatastudio/Azure Accounts
. I closed Azure Data Studio, removed the fileazureTokenCache_azure_publicCloud
in this folder and restarted Azure Data Studio and it worked again.Hi @lluthus
There are two issues I’ve found with Azure Data Studio’s implementation of Azure AD - Universal with MFA support authentication.
Token refresh failure:
You will find that after about 2 weeks the token dies and will not refresh as you would expect. No amount of trying to open a new connection will trigger the re-auth process.
Solution: Close Azure Data Studio and delete the cached token here: C:\Users\YOUR_USERNAME\AppData\Roaming\azuredatastudio\Azure Accounts
(Note you need to replace YOUR_USERNAME with your local user folder on windows):
HSTS / localhost pinned to https:
You may find due to development work or other applications authenticating that the ‘localhost’ domain has become pinned to HTTPS only in your default browser. When Azure data studio tries to reauthenticate (it opens a browser window with localhost address over http which redirects to Microsoft auth page for you to login). This fails if localhost is pinned to https only.
Solution: To resolve load chrome, Edge or browser you are using and find HSTS settings:
Example in Chrome paste in the address bar: chrome://net-internals/#hsts
First confirm the domain’s HSTS settings are recorded by Chrome by typing the hostname ‘localhost’ into the ‘Query HSTS/PKP domain’ section and click Query.
If the Query box returns a result, then type the same hostname ‘localhost’ into the ‘Delete domain security policies’ section and click Delete.
Now try reconnecting in AzureData Studio.
Hope this helps save countless hours of wasted time.
We made a change to the Grant token refresh code in Feb that should help in some of the scenarios discussed in this issue (specifically password change or token expiration). I’m seeing a notification on startup when the password is expired (and will look into removing that). But the account is refreshing as expected in the Accounts dialog and connections are successful after updating the token. Are you still seeing this on 1.35.1 or later build?
I created a PowerShell script (compatible with Windows and macOS) to automatically close ADS, delete the file(s) in the
Azure Accounts
directory, then relaunch ADS:I’m gonna be adding it as a cmdlet to my local Azure module with the name
CompensateFor-AzureDataStudioInadequacies
.I was unable to follow the workaround above (couldn’t find the specified path on mac) but found a different workaround within Azure Data Studio (v 1.34.0):
On Ubuntu, the folder path is:
/home/$USER/.config/azuredatastudio/Azure Accounts