Comments (3)
@BethanyZhou please check if this is a limitation of the Entra ID APIs.
from azure-powershell.
Hi @syspro-chrisvogt , thanks for reaching out to us.
When connecting use other methods (e.g. interactive logon) with the same permissions applied then the tenant information is returned as expected.
Get-AzContext is also not returning the tenant name
- The detailed information of tenants will not be retrieved during the process of executing Connect-AzAccount if tenantId is provided. That's why tenant name is missing in the result of Get-AzContext. The behavior is expected and consistent for different login flows, including interactive login.
There isn't a way that I can see to retrieve the tenant name
- I'm sorry for that. What I observe from the response body of Entra ID APIs is tenant name is not returned if connecting with a SP. I believe it's a limitation of the Entra ID APIs.
- @isra-fel , could you help connect people from Entra ID team to see if they are aware of this?
DEBUG: ============================ HTTP REQUEST ============================
HTTP Method:
GET
Absolute Uri:
https://management.azure.com/tenants?api-version=2021-01-01
DEBUG: ============================ HTTP RESPONSE ============================
Status Code:
OK
Body:
{
"value": [
{
"id": "/tenants/xxxxxxx",
"tenantId": "xxxxxxx",
"tenantCategory": "Home"
}
]
}
from azure-powershell.
Hi @BethanyZhou
The detailed information of tenants will not be retrieved during the process of executing Connect-AzAccount if tenantId is provided. That's why tenant name is missing in the result of Get-AzContext. The behavior is expected and consistent for different login flows, including interactive login.
If I connect interactively, specifying the tenant ID, then when using Get-AzTenant, it returns the list of tenants I have access to. If I need to do something with one of the other tenants, I do need to authenticate still, but at least I can see the list of tenants and, at a minimum, the current tenant's name.
If I connect using a service principal and specify the tenant ID (with access to the same tenants and the same level of permissions/role assignments as the user mentioned above), then Get-AzTenant only returns the current tenant but does not include the tenant name.
I've re-tested the Get-AzContext bit and see that the tenant name is not returned, regardless of the login method used.
My current use case is that I am trying to return the list of reservations expiring within a certain number of days. Unfortunately you have to connect to each tenant to do this and cannot use Lighthouse. What I have written thus far gets the list of tenants (dynamically) and returns this information from each tenant. With Get-AzTenant not returning the list of "available" tenants I will need to hardcode or look this up elsewhere, and this lookup (wherever it is) will now need to be maintained too. By extension, for reporting purposes because it does not return the name means the output is not in a user-friendly format. Again, this can be looked up elsewhere... this just means, though, that things can be missed.
from azure-powershell.
Related Issues (20)
- New-AzAutoscaleSetting throws convaluted error if an autoscale rule has an invalid metric name.
- Register-AzProviderFeature does not support -Force parameter
- Retrieving list of tenants using Get-AzTenant when using a serviceprincipal HOT 2
- You forgot to add support for NFS to New-AzWebAppAzureStoragePath
- Deprecated property - Update-AzVpnConnection
- [Feature]: Include HealthDetails when querying Get-AzRecoveryServicesBackupItem
- Get-AzStorageBlob blocks console in interactive mode if an error ocurrs HOT 2
- Cmdlet reference doc - New-AzDataCollectionEndpoint - Required parameter conflict HOT 3
- Get-AzAdvisorRecommendation returning no VM specific recommendations anymore HOT 2
- [Missing Feature]: New-AzFirewallPolicyNetworkRule -DestinationServiceTag HOT 1
- [Eng]: [Cosmos DB][ClientEncryption] Fix New/Update AzCosmosDbClientEncryptionKey to validate key which is passed as part of KeyWrapMetadata
- ClientAssertionCredential authentication failed: AADSTS50166 in Connect-AzAccount HOT 5
- Export-AzAutomationRunbook : To export an Azure Automation runbook to a Python(.py) file. HOT 1
- Import-AzAutomationRunbook cmd : Runbook type 'PowerShell72' not supported HOT 2
- Connect-AzAccount: ClientCertificateCredential fails when used with other tenants since October 2022 HOT 2
- [Feature]: Managing PowerShell Modules in Runtime Environments and Retrieving Detailed Runbook Information HOT 1
- [Feature]: Add parameter to support overwrite files for New-AzCostManagementExport HOT 2
- [Feature]: Add `Az.ResourceGraph` as dependency for `Az` HOT 1
- WAM triggers a server lockup when configured as the default login method on Windows Server 2022 running in core mode (without a GUI) HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from azure-powershell.