Description
Describe the bug
What does this error mean? There is nothing online about it? I receive this error when running "az ad app" commands from a local Az CLI
Related command
az login
az ad app list
Errors
cli.azure.cli.core.azclierror: Exception of type 'Microsoft.Graph.AGS.Contracts.ClaimsChallengeRequiredException' was thrown.
az_command_data_logger: Exception of type 'Microsoft.Graph.AGS.Contracts.ClaimsChallengeRequiredException' was thrown.
Issue script & Debug output
cli.azure.cli.core.util: Response status: 401
cli.azure.cli.core.util: Response headers:
cli.azure.cli.core.util: 'Transfer-Encoding': 'chunked'
cli.azure.cli.core.util: 'Content-Type': 'application/json'
cli.azure.cli.core.util: 'Content-Encoding': 'gzip'
cli.azure.cli.core.util: 'Vary': 'Accept-Encoding'
cli.azure.cli.core.util: 'Strict-Transport-Security': 'max-age=31536000'
cli.azure.cli.core.util: 'request-id': 'ce3b4e87-736c-49ef-ad15-e1a49e05cb35'
cli.azure.cli.core.util: 'client-request-id': 'ce3b4e87-736c-49ef-ad15-e1a49e05cb35'
cli.azure.cli.core.util: 'x-ms-ags-diagnostic': '{"ServerInfo":{"DataCenter":"UK South","Slice":"E","Ring":"5","ScaleUnit":"004","RoleInstance":"LO1PEPF00001D5B"}}'
cli.azure.cli.core.util: 'WWW-Authenticate': 'Bearer realm="", authorization_uri="https://login.microsoftonline.com/common/oauth2/authorize", client_id="00000003-0000-0000-c000-000000000000", error_description="Continuous access evaluation resulted in challenge with result: InteractionRequired and code: TokenCreatedWithOutdatedPolicies", error="insufficient_claims", claims="eyJhY2Nlc3NfdG9rZW4iOnsibmJmIjp7ImVzc2VudGlhbCI6dHJ1ZSwidmFsdWUiOiIxNzE4MTkwMTQyIn0sInhtc19ycF9pcGFkZHIiOnsidmFsdWUiOiIyMC42OC4yNDEuMzAifX19", PoP realm="", authorization_uri="https://login.microsoftonline.com/common/oauth2/authorize", client_id="00000003-0000-0000-c000-000000000000", nonce="eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsImtpZCI6IjA1NjEyNTAxRDRFN0NGM0Q3RjYxOUUxNjMxQTQ4MDg1OTQyMTMyQjMifQ.eyJ0cyI6MTcxODE5MDEyMH0.M98MqWkUpDJpYBdGbUsbUKm_B28m-sYDP-BWgwWQY7qYvBrmsJmqDdZdDndeafHxfqlXoEhrIH-d8A2ahr1R--VIWBYEw53-l2uubWCFQOq6VrjbXCSB-hsOOu4uB86uhTD39yG_m5GuyVcVVtYZye2Ex6MHJzAzTwzcBmVrNxG3U9iXUR32dzP9l8dZhOaM7HaUHze9A_W1Efhv4BG2O82_a84U-GhPueo3jqn_H90VdBLup736XWcT6Gy2K6Fqp1sazW1qTJNwRFZaayMllYeBzSfjmBDBpMRjbe843IPEyH0blTfmDqWLgEbIgqgsl0mJUD4IBzW6ZFkdfKHWuA"'
cli.azure.cli.core.util: 'Date': 'Wed, 12 Jun 2024 11:02:22 GMT'
cli.azure.cli.core.util: Response content:
cli.azure.cli.core.util: {"error":{"code":"InvalidAuthenticationToken","message":"Exception of type 'Microsoft.Graph.AGS.Contracts.ClaimsChallengeRequiredException' was thrown.","innerError":{"date":"2024-06-12T11:02:22","request-id":"ce3b4e87-736c-49ef-ad15-e1a49e05cb35","client-request-id":"ce3b4e87-736c-49ef-ad15-e1a49e05cb35"}}}
Expected behavior
az ad app list should run without errors
Environment Summary
azure-cli 2.61.0
core 2.61.0
telemetry 1.1.0
Extensions:
azure-devops 1.0.1
Dependencies:
msal 1.28.0
azure-mgmt-resource 23.1.1
Additional context
No response