Azure SQL Database
An Azure relational database service.
6,356 questions
@Oury Ba-MSFT - I am also facing same issue and the SSMS version - v18.9.1
Login failed for user '<token-identified principal>'. (Microsoft SQL Server, Error: 18456) in a group but works when the user is added directly
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(80, 39%, 17%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EM%3C/text%3E%3C/svg%3E)
MrFlinstone
686
Reputation points
I get the error Login failed for user '<token-identified principal>'. (Microsoft SQL Server, Error: 18456) from Azure SQL server when a user tries to login using Azure Active Directory - Universal with MFA.
My Azure AD login is within a group, other members of the group can login to the database, but I get the error '<token-identified principal>'. (Microsoft SQL Server, Error: 18456), however If the user is added to the database, then I can login and it works.
create user [******@contoso.com] from external provider
GO
EXEC sp_addrolemember N'db_datareader', N'******@contoso.com'
I was wondering if there is a reason for this.
Azure SQL Database
{count} vote
-
Oury Ba-MSFT 20,931 Reputation points Microsoft Employee Moderator2022-07-01T16:32:56.597+00:00 Hi @MrFlinstone Thank you for posting your question on Microsoft Q&A and for using Azure services.
What version of SSMS are you using?Regards,
Oury -
Oury Ba-MSFT 20,931 Reputation points Microsoft Employee Moderator
2022-07-05T23:23:19.627+00:00 Hi @MrFlinstone Could you please share more details about the version of SSMS you are using?
Regards,
Oury -
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(128, 39%, 22%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESJ%3C/text%3E%3C/svg%3E)
syr jhanns 1 Reputation point2023-01-11T19:52:39.0766667+00:00 having similar issue w/ SSMS v 15.0.18386.0 (v18.9.2). please help. with this v of SSMS i can gain successful access to Azure Synapse Analytics SQL Pool for DEV env but not PROD env. SSMS connect method details are:
Server type: Database Engine
Server name: <DEVSERVER> | <PRODSERVER>
Authentication: Azure Active Directory - Universal with MFA
User name: same approved client AD user account name for either DEV or PROD env.
Sign in to comment
1 answer
Sort by: Most helpful
-
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(307.2, 75%, 39%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ENG%3C/text%3E%3C/svg%3E)
naveen G kumar 1 Reputation point2022-11-22T04:48:45.95+00:00 -
Oury Ba-MSFT 20,931 Reputation points Microsoft Employee Moderator
2022-11-22T18:47:56.32+00:00 @naveen G kumar Same issue was raised sometimes back on Microsoft Q&A. Please see https://learn.microsoft.com/en-us/answers/questions/133709/login-failed-for-user-39lttoken-identified-princip.html
and let us know if that resolves your issue.Regards,
Oury
Sign in to comment -