Managed Identity not working on Windows container in Azure Container Instances

Patrick Vogler 0 Reputation points

I am trying to make managed identity work on a windows container in Azure Container Instances.

After checking in the official documentation this scenario seems to be supported now, since the limitations on windows container are removed:

I was now able to successfully deploy a Windows Container in Azure Container Instances adding a managed identity (user or system) without any errors or warnings.

Checking with Azure CLI after the deployment the managed identities are visible.

Unfortunately, I am unable to get an access token, no matter what way I try.

As this functionality seems to be new I cannot find any information, about how to make this work, although it should be quite straightforward, as it was for Linux Containers

Any help is appreciated

Error message with Connect-AzAccount:

Connect-AzAccount : ManagedIdentityCredential authentication failed: Retry

failed after 4 tries. Retry settings can be adjusted in ClientOptions.Retry or

by configuring a custom retry policy in ClientOptions.RetryPolicy.

See the troubleshooting guide for more information.

At line:1 char:1

+ Connect-AzAccount -Identity

+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~

+ CategoryInfo : CloseError: (:) [Connect-AzAccount], Authenticat


+ FullyQualifiedErrorId : Microsoft.Azure.Commands.Profile.ConnectAzureRmA


Azure Container Instances
Azure Container Instances
An Azure service that provides customers with a serverless container experience.
656 questions
Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
19,920 questions
0 comments No comments
{count} votes

1 answer

Sort by: Most helpful
  1. Anveshreddy Nimmala 2,875 Reputation points Microsoft Vendor

    Hello Patrick Vogler,

    Welcome to microsoft Q&A, thankyou for posting your query here.

    use powershell to bring a token directly within the container .

    This can help isolate whether the issue is with the SDK or the identity setup itself.

    If this works, the issue might be with the Connect-AzAccount setup.

    $url = ''
    $response = Invoke-RestMethod -Uri $url -Headers @{Metadata='true'} -Method Get
    Write-Output $response.access_token

    try using Azure CLI to authenticate:

    az login --identity

    Screenshot 2024-05-08 160455

    Hope this helps you.

    0 comments No comments