Share via

DefaultAzureCredential failed to retrieve a token.

Diksha Singh 60 Reputation points
2024-01-31T18:09:24.6866667+00:00

When attempting to read the credentials using DefaultAzureCredential(), I encounter an error intermittently, particularly after a VM restart. The specific error message is as follows, indicating that the issue is inconsistent and seems tied to the VM restart. Is there a prerequisite for executing the above function? I have created the managed identity with the required permissions.

credential = DefaultAzureCredential()

# Create the network management client
network_client = NetworkManagementClient(credential, subscription_id)

Error :

An exception occurred:' (ClientAuthenticationError("DefaultAzureCredential failed to retrieve a token from the included credentials.\nAttempted credentials:\n\tEnvironmentCredential: EnvironmentCredential authentication unavailable. Environment variables are not fully configured.\nVisit https://aka.ms/azsdk/python/identity/environmentcredential/troubleshoot to troubleshoot this issue.\n\tManagedIdentityCredential: ManagedIdentityCredential authentication unavailable, no response from the IMDS endpoint.\n\tSharedTokenCacheCredential: Shared token cache unavailable\n\tAzureCliCredential: Azure CLI not found on path\n\tAzurePowerShellCredential: PowerShell is not installed\n\tAzureDeveloperCliCredential: Azure Developer CLI could not be found. Please visit https://aka.ms/azure-dev for installation instructions and then,once installed, authenticate to your Azure account using 'azd auth login'.\nTo mitigate this issue, please refer to the troubleshooting guidelines here at https://aka.ms/azsdk/python/identity/defaultazurecredential/troubleshoot."),)
Azure Virtual Machines
Azure Virtual Machines
An Azure service that is used to provision Windows and Linux virtual machines.
9,014 questions
Microsoft Security Microsoft Entra Microsoft Entra ID

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Andriy Bilous 11,821 Reputation points MVP Volunteer Moderator
    2024-01-31T21:18:25.4066667+00:00

    Hello Diksha Singh

    I believe you are using Managed Identity Authentication DefaultAzureCredential and ManagedIdentityCredential support managed identity authentication in any hosting environment which supports managed identities, such as (this list is not exhaustive):

    DefaultAzureCredential and EnvironmentCredential can be configured with environment variables. Each type of authentication requires values for specific variables:
    AZURE_CLIENT_ID id of an Azure Active Directory application
    AZURE_TENANT_ID id of the application’s Azure Active Directory tenant
    AZURE_CLIENT_SECRET one of the application’s client secrets

    Managed Identity flow

    from azure.identity import ManagedIdentityCredential

credential = ManagedIdentityCredential()

# Can also specify a client ID of a user-assigned managed identity
credential = ManagedIdentityCredential(
    client_id="<client_id>",
)

    https://azuresdkdocs.blob.core.windows.net/$web/python/azure-identity/1.6.0/index.html

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.