Share via

AADSTS50076: Due to a configuration change made by your administrator, or because you moved to a new location, you must use multi-factor authentication to access

Thirumal Rao D 1 Reputation point
2023-09-01T16:59:05.61+00:00

When I am trying to Azure DevOps pipeline getting below error and not even getting response when we run below command "az account get-access-token"

ERROR:

AADSTS50076: Due to a configuration change made by your administrator, or because you moved to a new location, you must use multi-factor authentication to access

Thanks

Microsoft Security | Microsoft Entra | Microsoft Entra ID

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Domooney-MSFT 2,606 Reputation points Microsoft Employee Moderator
    2023-09-04T08:41:40.65+00:00

    Hi @Thirumal Rao D

    It looks like the user account you are using is enforcing MFA but Azure DevOps is not allowing an interactive type login which allows you to complete the MFA prompt.

    We would recommend using a service principal to authenticate your pipeline, I will share some articles below:

    https://learn.microsoft.com/en-us/azure/devops/pipelines/library/connect-to-azure?view=azure-devops#create-an-azure-resource-manager-service-connection-with-an-existing-service-principal

    https://learn.microsoft.com/en-us/training/modules/authenticate-azure-deployment-pipeline-service-principals/

    The other option would be to disable / bypass MFA for this specific account, generally this is not recommended though and would also depend on how you are applying MFA, i.e Security Defaults, Conditional Access, per-user MFA etc..

    Do let me know if you have any further questions, I would be happy to help!

    Please "Accept the answer" if the information helped you. This will help us and others in the community as well.

Your answer

Answers can be marked as 'Accepted' by the question author and 'Recommended' by moderators, which helps users know the answer solved the author's problem.