Exception of type 'Microsoft.Graph.AGS.Contracts.ClaimsChallengeRequiredException' was thrown.

### Describe the bug

What does this error mean? There is nothing online about it? I receive this error when running "az ad app" commands from a local Az CLI

### Related command

az login
az ad app list

### Errors

cli.azure.cli.core.azclierror: Exception of type 'Microsoft.Graph.AGS.Contracts.ClaimsChallengeRequiredException' was thrown.
az_command_data_logger: Exception of type 'Microsoft.Graph.AGS.Contracts.ClaimsChallengeRequiredException' was thrown.

### Issue script & Debug output

cli.azure.cli.core.util: Response status: 401
cli.azure.cli.core.util: Response headers:
cli.azure.cli.core.util:     'Transfer-Encoding': 'chunked'
cli.azure.cli.core.util:     'Content-Type': 'application/json'
cli.azure.cli.core.util:     'Content-Encoding': 'gzip'
cli.azure.cli.core.util:     'Vary': 'Accept-Encoding'
cli.azure.cli.core.util:     'Strict-Transport-Security': 'max-age=31536000'
cli.azure.cli.core.util:     'request-id': 'ce3b4e87-736c-49ef-ad15-e1a49e05cb35'
cli.azure.cli.core.util:     'client-request-id': 'ce3b4e87-736c-49ef-ad15-e1a49e05cb35'
cli.azure.cli.core.util:     'x-ms-ags-diagnostic': '{"ServerInfo":{"DataCenter":"UK South","Slice":"E","Ring":"5","ScaleUnit":"004","RoleInstance":"LO1PEPF00001D5B"}}'
cli.azure.cli.core.util:     'WWW-Authenticate': 'Bearer realm="", authorization_uri="https://login.microsoftonline.com/common/oauth2/authorize", client_id="00000003-0000-0000-c000-000000000000", error_description="Continuous access evaluation resulted in challenge with result: InteractionRequired and code: TokenCreatedWithOutdatedPolicies", error="insufficient_claims", claims="eyJhY2Nlc3NfdG9rZW4iOnsibmJmIjp7ImVzc2VudGlhbCI6dHJ1ZSwidmFsdWUiOiIxNzE4MTkwMTQyIn0sInhtc19ycF9pcGFkZHIiOnsidmFsdWUiOiIyMC42OC4yNDEuMzAifX19", PoP realm="", authorization_uri="https://login.microsoftonline.com/common/oauth2/authorize", client_id="00000003-0000-0000-c000-000000000000", nonce="eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsImtpZCI6IjA1NjEyNTAxRDRFN0NGM0Q3RjYxOUUxNjMxQTQ4MDg1OTQyMTMyQjMifQ.eyJ0cyI6MTcxODE5MDEyMH0.M98MqWkUpDJpYBdGbUsbUKm_B28m-sYDP-BWgwWQY7qYvBrmsJmqDdZdDndeafHxfqlXoEhrIH-d8A2ahr1R--VIWBYEw53-l2uubWCFQOq6VrjbXCSB-hsOOu4uB86uhTD39yG_m5GuyVcVVtYZye2Ex6MHJzAzTwzcBmVrNxG3U9iXUR32dzP9l8dZhOaM7HaUHze9A_W1Efhv4BG2O82_a84U-GhPueo3jqn_H90VdBLup736XWcT6Gy2K6Fqp1sazW1qTJNwRFZaayMllYeBzSfjmBDBpMRjbe843IPEyH0blTfmDqWLgEbIgqgsl0mJUD4IBzW6ZFkdfKHWuA"'
cli.azure.cli.core.util:     'Date': 'Wed, 12 Jun 2024 11:02:22 GMT'
cli.azure.cli.core.util: Response content:
cli.azure.cli.core.util: {"error":{"code":"InvalidAuthenticationToken","message":"Exception of type 'Microsoft.Graph.AGS.Contracts.ClaimsChallengeRequiredException' was thrown.","innerError":{"date":"2024-06-12T11:02:22","request-id":"ce3b4e87-736c-49ef-ad15-e1a49e05cb35","client-request-id":"ce3b4e87-736c-49ef-ad15-e1a49e05cb35"}}}

### Expected behavior

az ad app list should run without errors

### Environment Summary

azure-cli                         2.61.0

core                              2.61.0
telemetry                          1.1.0

Extensions:
azure-devops                       1.0.1

Dependencies:
msal                              1.28.0
azure-mgmt-resource               23.1.1

### Additional context

_No response_

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Exception of type 'Microsoft.Graph.AGS.Contracts.ClaimsChallengeRequiredException' was thrown. #29155

clumsyhands
openedon Jun 12, 2024

Describe the bug

Related command

Errors

Issue script & Debug output

Expected behavior

Environment Summary

Additional context

Assignees

Labels

Type

Projects

Milestone

Relationships

Development