cli-microsoft365: Bug report: M365 login from behind corp proxy = Error: could not resolve endpoints

Hey, thanks for all the great work on this.

It would be cool if it the http_proxy or https_proxy environment variables were used (if proxyUrl is not set). See https://github.com/pnp/cli-microsoft365/issues/2698#issuecomment-918233174

@nicodecleyre I’m behind a corporate firewall, so I cannot access the internet without using the proxy. (Also on macOS)

Is there any way I could help with this issue? (Unfortunately not a js programmer)

Thank you for offering your help @user799595!

I’ve created a dev environment with a proxy like the article explained in the link that @anthonywhite shared and was able to reproduce the error message. I’ll take a deeper look to it in the coming days and investigate if the msal update that @waldekmastykarz shared can offer a solution to this.

I’ll keep you posted

@anthonywhite the instructions help for sure! I’m on a macOS so I’ll either try for an alternative or use a VM, unless someone else who’s on Windows would like to help with addressing this limitation 😄

Happy to help any way I can and I’m sure that our contributors feel the same way! If we can get to a representative setup, then we can definitely work on a solution. Let’s do this!

We may have found a breaktrough here!

With the msal version we currently use (1.15.0) there is the possibility to provide a proxy url. By providing an additional option proxyUrl with the m365 login it targets the login towards the proxy. Next to that this same option is also provided when doing the actual requests as you can see in the example where I execute the m365 spo web list command.

This is not yet in production! I’ll make a pull request and then we still have to review and test this new functionallity. But i’m really exited about this since it can provide an added value for people behind a corporate proxy

Ps: can a maintainer assign me to the issue please?

Thank you for your feedback everyone! I’ll get to work with the feedback

If I understand correctly, the user adds the proxy url via config set containing the whole string http://username:password@proxy.contoso.com:8080 and we use this config key where needed? Would proxyUrl be a suitable name for the config key?

proxyUrl is a good name for the setting. It’s clear what it’s for.

Should we add a remark to the login command documentation where we explain how one has to configure a key first when using a proxy url? Do you think we should add this information on other places?

As it applies to using CLI at large, I suggest we follow @martinlingstuyl’s suggestion and add it to the guide. Additionally, we should include this in the m365 setup command #4216

Hi @nicodecleyre, great work researching this! I’d suggest we add a separate section to the using guides. Something like ‘Working behind a proxy’.

@nicodecleyre awesome research 👍. I assigned to you as you suggested

Awesome. @nicodecleyre thank you once again for your truly amazing engagement and dedication 👍. You rock 🤩

We’d need to check if the latest versions of MSAL and Axios still have this limitation. It’s been a while since we looked at this issue and we’ve had a couple of updates since

@waldekmastykarz Could something like this help (please note I have not tried myself - I already have a corporate proxy 😉)?

Simulate-an-enterprise-proxy-on-a-single-developer-machine

I appreciate this is a pain for your authors/contributors, but the uncomfortable fact is that a percentage of your users, especially in large companies or regulated industries, are sat behind corporate proxies trying to make dev toolchains work. And the experience is very mixed, some things work and some don’t. I’ve had a lot of pain in this area over many years.

If you do feel able to simulate this use case, that would be much appreciated.

👍 yes please nothing has changed for us.

It seems like just recently there was an update to msal-node that adds support for proxy. @pnp/cli-for-microsoft-365-maintainers we should check it out if it helps addressing this issue.

More info: https://github.com/AzureAD/microsoft-authentication-library-for-js/issues/2600#issuecomment-1048295218

@anthonywhite - would you mind sharing the results of the TLS version check on your proxy, as mentioned above? We’re collectively, and I don’t have an environment such as yours to test on, trying to figure out what’s going on with your environments. It’s obvious to me that something is going on with the proxy configuration that does not work with the M365 CLI setup, and we’re trying to pinpoint where things go wrong.

According to the error message my guess is that there’s an issue with the TLS version.

For instance login.microsoftonline.com requires TLS 1.2 or greater. Can be tested with

curl https://login.microsoftonline.com --verbose --tlsv1.1 --tls-max 1.1

That fails, and the following succeeds:

curl https://login.microsoftonline.com --verbose --tlsv1.2 --tls-max 1.2

@mikeparkie - Can you run the same things but on your proxy address?

@waldekmastykarz indeed I have sir. Rebooted it again just in case 😎

Typically I’m more of an M365 guy than Azure, so I’ll be blocked at some point from a role point of view. But let’s see how far I get 😄

Installed the Azure CLI from the MSI from here, ran az login --debug

Full output is:

cli.knack.cli: __init__ debug log:
Enable color in terminal.
Init colorama.
cli.knack.cli: Event: Cli.PreExecute []
cli.knack.cli: Event: CommandParser.OnGlobalArgumentsCreate [<function CLILogging.on_global_arguments at 0x03B751D8>, <f
unction OutputProducer.on_global_arguments at 0x03CF1070>, <function CLIQuery.on_global_arguments at 0x03D05C40>]
cli.knack.cli: Event: CommandInvoker.OnPreCommandTableCreate []
cli.azure.cli.core: Command index version or cloud profile is invalid or doesn't match the current command.
cli.azure.cli.core: Command index has been invalidated.
cli.azure.cli.core: No module found from index for '['login', '--debug']'
cli.azure.cli.core: Loading all modules and extensions
cli.azure.cli.core: Discovered command modules: ['acr', 'acs', 'advisor', 'ams', 'apim', 'appconfig', 'appservice', 'aro
', 'backup', 'batch', 'batchai', 'billing', 'botservice', 'cdn', 'cloud', 'cognitiveservices', 'config', 'configure', 'c
onsumption', 'container', 'cosmosdb', 'databoxedge', 'deploymentmanager', 'dla', 'dls', 'dms', 'eventgrid', 'eventhubs',
 'extension', 'feedback', 'find', 'hdinsight', 'interactive', 'iot', 'keyvault', 'kusto', 'lab', 'managedservices', 'map
s', 'marketplaceordering', 'monitor', 'natgateway', 'netappfiles', 'network', 'policyinsights', 'privatedns', 'profile',
 'rdbms', 'redis', 'relay', 'reservations', 'resource', 'role', 'search', 'security', 'servicebus', 'servicefabric', 'si
gnalr', 'sql', 'sqlvm', 'storage', 'synapse', 'util', 'vm']
cli.azure.cli.core: Loading command modules:
cli.azure.cli.core: Name                  Load Time    Groups  Commands
cli.azure.cli.core: acr                       0.013        27       113
cli.azure.cli.core: acs                       0.127         8        53
cli.azure.cli.core: advisor                   0.009         3         6
cli.azure.cli.core: ams                       0.009        20        90
cli.azure.cli.core: apim                      0.010         9        50
cli.azure.cli.core: appconfig                 0.005         7        33
cli.azure.cli.core: appservice                0.022        64       225
cli.azure.cli.core: aro                       0.048         1         7
cli.azure.cli.core: backup                    0.007        15        55
cli.azure.cli.core: batch                     0.044        31        92
cli.azure.cli.core: batchai                   0.005        10        30
cli.azure.cli.core: billing                   0.014        19        52
cli.azure.cli.core: botservice                0.006        12        42
cli.azure.cli.core: cdn                       0.025        39       132
cli.azure.cli.core: cloud                     0.004         1         7
cli.azure.cli.core: cognitiveservices         0.004         5        21
cli.azure.cli.core: config                    0.003         2         7
cli.azure.cli.core: configure                 0.003         3         9
cli.azure.cli.core: consumption               0.005         8         9
cli.azure.cli.core: container                 0.004         1        11
cli.azure.cli.core: cosmosdb                  0.016        43       150
cli.azure.cli.core: databoxedge               0.009         5        27
cli.azure.cli.core: deploymentmanager         0.005         7        30
cli.azure.cli.core: dla                       0.007        23        62
cli.azure.cli.core: dls                       0.006         7        41
cli.azure.cli.core: dms                       0.004         3        22
cli.azure.cli.core: eventgrid                 0.007        18        61
cli.azure.cli.core: eventhubs                 0.008        14        51
cli.azure.cli.core: extension                 0.002         1         7
cli.azure.cli.core: feedback                  0.002         1         1
cli.azure.cli.core: find                      0.002         1         1
cli.azure.cli.core: hdinsight                 0.005         8        39
cli.azure.cli.core: interactive               0.001         1         1
cli.azure.cli.core: iot                       0.020        16        71
cli.azure.cli.core: keyvault                  0.014        19       118
cli.azure.cli.core: kusto                     0.004         3        14
cli.azure.cli.core: lab                       0.007        11        34
cli.azure.cli.core: managedservices           0.003         3         8
cli.azure.cli.core: maps                      0.003         5        13
cli.azure.cli.core: marketplaceordering       0.006         1         2
cli.azure.cli.core: monitor                   0.014        32       133
cli.azure.cli.core: natgateway                0.004         3         6
cli.azure.cli.core: netappfiles               0.007        13        56
cli.azure.cli.core: network                   0.081       137       630
cli.azure.cli.core: policyinsights            0.004         6        12
cli.azure.cli.core: privatedns                0.008        14        66
cli.azure.cli.core: profile                   0.003         2         9
cli.azure.cli.core: rdbms                     0.141        46       197
cli.azure.cli.core: redis                     0.004         4        24
cli.azure.cli.core: relay                     0.006        10        37
cli.azure.cli.core: reservations              0.004         5        12
cli.azure.cli.core: resource                  0.018        40       186
cli.azure.cli.core: role                      0.005        17        61
cli.azure.cli.core: search                    0.004         7        22
cli.azure.cli.core: security                  0.008        36        81
cli.azure.cli.core: servicebus                0.008        17        64
cli.azure.cli.core: servicefabric             0.007        26        75
cli.azure.cli.core: signalr                   0.004         6        20
cli.azure.cli.core: sql                       0.017        45       179
cli.azure.cli.core: sqlvm                     0.005         4        17
cli.azure.cli.core: storage                   0.056        53       249
cli.azure.cli.core: synapse                   0.013        35       147
cli.azure.cli.core: util                      0.002         2         4
cli.azure.cli.core: vm                        0.034        48       245
cli.azure.cli.core: Total (64)                0.958      1083      4329
cli.azure.cli.core: Loaded 1073 groups, 4329 commands.
cli.azure.cli.core: Updated command index in 0.005 seconds.
cli.knack.cli: Event: CommandInvoker.OnPreCommandTableTruncate [<function AzCliLogging.init_command_file_logging at 0x04
091190>]
cli.azure.cli.core.azlogging: metadata file logging enabled - writing logs to 'C:\Users\USERNAME\.azure\commands
\2021-09-13.09-39-18.login.5008.log'.
az_command_data_logger: command args: login --debug
cli.knack.cli: Event: CommandInvoker.OnPreArgumentLoad [<function register_global_subscription_argument.<locals>.add_sub
scription_parameter at 0x045D9F58>, <function register_global_query_examples_argument.<locals>.register_query_examples a
t 0x046091D8>]
cli.knack.cli: Event: CommandInvoker.OnPostArgumentLoad []
cli.knack.cli: Event: CommandInvoker.OnPostCommandTableCreate [<function register_ids_argument.<locals>.add_ids_argument
s at 0x04609220>, <function register_cache_arguments.<locals>.add_cache_arguments at 0x046092B0>]
cli.knack.cli: Event: CommandInvoker.OnCommandTableLoaded []
cli.knack.cli: Event: CommandInvoker.OnPreParseArgs [<function _documentdb_deprecate at 0x051F78E0>]
cli.knack.cli: Event: CommandInvoker.OnPostParseArgs [<function OutputProducer.handle_output_argument at 0x03CF10B8>, <function CLIQuery.handle_query_parameter at 0x03D05C88>, <function register_global_query_examples_argument.<locals>.handl
e_example_parameter at 0x045D9F10>, <function register_ids_argument.<locals>.parse_ids_arguments at 0x04609268>, <functi
on handler at 0x052F5070>]
cli.azure.cli.core._profile: 'C:\Users\USERNAME\.azure\accessTokens.json' is not a file or doesn't exist.
cli.azure.cli.core._profile: Windows is detected. Set HTTPServer.allow_reuse_address to False
cli.azure.cli.core._profile: Open browser with url: https://login.microsoftonline.com/common/oauth2/authorize?response_t
ype=code&client_id=04b07795-8ddb-461a-bbee-02f9e1bf7b46&redirect_uri=http://localhost:8400&state=REMOVED
source=https://management.core.windows.net/&prompt=select_account
cli.azure.cli.core._profile: The default web browser has been opened at https://login.microsoftonline.com/common/oauth2/
authorize. Please continue the login in the web browser. If no web browser is available or if the web browser fails to o
pen, use device code flow with `az login --use-device-code`.
adal-python: 07e5baba-e29b-4fea-934a-01ba4cef8094 - Authority:Performing instance discovery: ...
adal-python: 07e5baba-e29b-4fea-934a-01ba4cef8094 - Authority:Performing static instance discovery
adal-python: 07e5baba-e29b-4fea-934a-01ba4cef8094 - Authority:Authority validated via static instance discovery
adal-python: 07e5baba-e29b-4fea-934a-01ba4cef8094 - TokenRequest:Getting token with auth code.
urllib3.connectionpool: Starting new HTTPS connection (1): login.microsoftonline.com:443
adal-python: 07e5baba-e29b-4fea-934a-01ba4cef8094 - OAuth2Client:Get Token request failed
Traceback (most recent call last):
  File "D:\a\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\urllib3/connectionpool.py", line 696, in urlopen
  File "D:\a\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\urllib3/connectionpool.py", line 964, in _prepare
_proxy
  File "D:\a\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\urllib3/connection.py", line 359, in connect
  File "D:\a\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\urllib3/connection.py", line 500, in _connect_tls
_proxy
  File "D:\a\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\urllib3/util/ssl_.py", line 449, in ssl_wrap_sock
et
  File "D:\a\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\urllib3/util/ssl_.py", line 493, in _ssl_wrap_soc
ket_impl
  File "ssl.py", line 500, in wrap_socket
  File "ssl.py", line 1040, in _create
  File "ssl.py", line 1309, in do_handshake
ssl.SSLError: [SSL: WRONG_VERSION_NUMBER] wrong version number (_ssl.c:1125)

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "D:\a\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\requests/adapters.py", line 439, in send
  File "D:\a\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\urllib3/connectionpool.py", line 755, in urlopen
  File "D:\a\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\urllib3/util/retry.py", line 574, in increment
urllib3.exceptions.MaxRetryError: HTTPSConnectionPool(host='login.microsoftonline.com', port=443): Max retries exceeded
with url: /common/oauth2/token (Caused by SSLError(SSLError(1, '[SSL: WRONG_VERSION_NUMBER] wrong version number (_ssl.c
:1125)')))

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "D:\a\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\adal/oauth2_client.py", line 263, in get_token
  File "D:\a\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\requests/api.py", line 119, in post
  File "D:\a\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\requests/api.py", line 61, in request
  File "D:\a\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\requests/sessions.py", line 542, in request
  File "D:\a\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\requests/sessions.py", line 655, in send
  File "D:\a\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\requests/adapters.py", line 514, in send
requests.exceptions.SSLError: HTTPSConnectionPool(host='login.microsoftonline.com', port=443): Max retries exceeded with
 url: /common/oauth2/token (Caused by SSLError(SSLError(1, '[SSL: WRONG_VERSION_NUMBER] wrong version number (_ssl.c:112
5)')))
cli.azure.cli.core.util: azure.cli.core.util.handle_exception is called with an exception:
cli.azure.cli.core.util: Traceback (most recent call last):
  File "D:\a\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\urllib3/connectionpool.py", line 696, in urlopen
  File "D:\a\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\urllib3/connectionpool.py", line 964, in _prepare
_proxy
  File "D:\a\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\urllib3/connection.py", line 359, in connect
  File "D:\a\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\urllib3/connection.py", line 500, in _connect_tls
_proxy
  File "D:\a\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\urllib3/util/ssl_.py", line 449, in ssl_wrap_sock
et
  File "D:\a\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\urllib3/util/ssl_.py", line 493, in _ssl_wrap_soc
ket_impl
  File "ssl.py", line 500, in wrap_socket
  File "ssl.py", line 1040, in _create
  File "ssl.py", line 1309, in do_handshake
ssl.SSLError: [SSL: WRONG_VERSION_NUMBER] wrong version number (_ssl.c:1125)

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "D:\a\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\requests/adapters.py", line 439, in send
  File "D:\a\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\urllib3/connectionpool.py", line 755, in urlopen
  File "D:\a\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\urllib3/util/retry.py", line 574, in increment
urllib3.exceptions.MaxRetryError: HTTPSConnectionPool(host='login.microsoftonline.com', port=443): Max retries exceeded
with url: /common/oauth2/token (Caused by SSLError(SSLError(1, '[SSL: WRONG_VERSION_NUMBER] wrong version number (_ssl.c
:1125)')))

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "D:\a\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\azure/cli/command_modules/profile/custom.py", lin
e 152, in login
  File "D:\a\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\azure/cli/core/_profile.py", line 201, in find_su
bscriptions_on_login
  File "D:\a\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\azure/cli/core/_profile.py", line 924, in find_th
rough_authorization_code_flow
  File "D:\a\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\adal/authentication_context.py", line 215, in acq
uire_token_with_authorization_code
  File "D:\a\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\adal/authentication_context.py", line 128, in _ac
quire_token
  File "D:\a\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\adal/authentication_context.py", line 211, in tok
en_func
  File "D:\a\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\adal/token_request.py", line 325, in get_token_wi
th_authorization_code
  File "D:\a\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\adal/token_request.py", line 112, in _oauth_get_t
oken
  File "D:\a\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\adal/oauth2_client.py", line 263, in get_token
  File "D:\a\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\requests/api.py", line 119, in post
  File "D:\a\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\requests/api.py", line 61, in request
  File "D:\a\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\requests/sessions.py", line 542, in request
  File "D:\a\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\requests/sessions.py", line 655, in send
  File "D:\a\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\requests/adapters.py", line 514, in send
requests.exceptions.SSLError: HTTPSConnectionPool(host='login.microsoftonline.com', port=443): Max retries exceeded with
 url: /common/oauth2/token (Caused by SSLError(SSLError(1, '[SSL: WRONG_VERSION_NUMBER] wrong version number (_ssl.c:112
5)')))

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "D:\a\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\knack/cli.py", line 231, in invoke
  File "D:\a\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\azure/cli/core/commands/__init__.py", line 657, i
n execute
  File "D:\a\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\azure/cli/core/commands/__init__.py", line 720, i
n _run_jobs_serially
  File "D:\a\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\azure/cli/core/commands/__init__.py", line 691, i
n _run_job
  File "D:\a\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\azure/cli/core/commands/__init__.py", line 328, i
n __call__
  File "D:\a\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\azure/cli/core/commands/command_operation.py", li
ne 121, in handler
  File "D:\a\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\azure/cli/command_modules/profile/custom.py", lin
e 180, in login
knack.util.CLIError: Certificate verification failed. This typically happens when using Azure CLI behind a proxy that in
tercepts traffic with a self-signed certificate. Please add this certificate to the trusted CA bundle. More info: https:
//docs.microsoft.com/cli/azure/use-cli-effectively#work-behind-a-proxy. Error detail: HTTPSConnectionPool(host='login.mi
crosoftonline.com', port=443): Max retries exceeded with url: /common/oauth2/token (Caused by SSLError(SSLError(1, '[SSL
: WRONG_VERSION_NUMBER] wrong version number (_ssl.c:1125)')))

cli.azure.cli.core.azclierror: Certificate verification failed. This typically happens when using Azure CLI behind a pro
xy that intercepts traffic with a self-signed certificate. Please add this certificate to the trusted CA bundle. More in
fo: https://docs.microsoft.com/cli/azure/use-cli-effectively#work-behind-a-proxy. Error detail: HTTPSConnectionPool(host
='login.microsoftonline.com', port=443): Max retries exceeded with url: /common/oauth2/token (Caused by SSLError(SSLErro
r(1, '[SSL: WRONG_VERSION_NUMBER] wrong version number (_ssl.c:1125)')))
az_command_data_logger: Certificate verification failed. This typically happens when using Azure CLI behind a proxy that
 intercepts traffic with a self-signed certificate. Please add this certificate to the trusted CA bundle. More info: htt
ps://docs.microsoft.com/cli/azure/use-cli-effectively#work-behind-a-proxy. Error detail: HTTPSConnectionPool(host='login
.microsoftonline.com', port=443): Max retries exceeded with url: /common/oauth2/token (Caused by SSLError(SSLError(1, '[
SSL: WRONG_VERSION_NUMBER] wrong version number (_ssl.c:1125)')))
cli.knack.cli: Event: Cli.PostExecute [<function AzCliLogging.deinit_cmd_metadata_logging at 0x040912B0>]
az_command_data_logger: exit code: 1
cli.__main__: Command ran in 25.979 seconds (init: 0.644, invoke: 25.335)
telemetry.save: Save telemetry record of length 3329 in cache
telemetry.check: Positive: The C:\Users\USERNAME\.azure\telemetry.txt does not exist.
telemetry.main: Begin creating telemetry upload process.
telemetry.process: Creating upload process: "C:\Program Files (x86)\Microsoft SDKs\Azure\CLI2\python.exe C:\Program File
s (x86)\Microsoft SDKs\Azure\CLI2\Lib\site-packages\azure\cli\telemetry\__init__.pyc C:\Users\USERNAME\.azure"
telemetry.process: Return from creating process
telemetry.main: Finish creating telemetry upload process.

Are you able to use other libraries that would use a similar approach to us? Azure CLI would be a good test.

Bear in mind that Azure CLI is built in Python and it could have a different support for handling proxies. So far, it seems like the issue is with msal-node and that’s the first place that we should investigate to see if there are any known issues before we continue.