Sign in with Web Account Manager (WAM) using Azure CLI
The Azure CLI now offers preview support for Web Account Manager (WAM). WAM is a Windows 10+ component that acts as an authentication broker. (An authentication broker is an application that runs on a user’s machine that manages the authentication handshakes and token maintenance for connected accounts.)
Using WAM has several benefits:
- Enhanced security. See Conditional Access: Token protection (preview).
- Support for Windows Hello, conditional access policies, and FIDO keys.
- Streamlined single sign-on.
- Bug fixes and enhancements shipped with Windows.
Signing in with WAM is a preview, opt-in feature. Once enabled, the previous browser-based user interface is replaced.
az config set core.allow_broker=true
az account clear
az login
At the current stage of development, there are a few known limitations to WAM:
- WAM is available on Windows 10 and later, and on Windows Server 2019 and later. On Mac, Linux, and earlier versions of Windows, the Azure CLI automatically defaults to a browser.
- Microsoft Accounts (for example @outlook.com or @live.com) aren't currently supported. We're working with the Microsoft Identity team to bring the support later.
See also
Feedback
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback.
Submit and view feedback for