-
Notifications
You must be signed in to change notification settings - Fork 35
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Saved ADMIN profile doesn't work the next day #159
Comments
You can just do "pac auth clear" and then recreate the profile. I have this script saved: $profileName = 'MyProfile' |
@orangetoken is that how it is supposed to be used though. i.e. are we supposed to clear the previously saved profile, before using it again. |
By default, AAD Refresh Tokens expire after 90 days, but that value can be reduced based on your AAD Tenant's policies. As for creating the new profile, you can either remove the old ones with We have a work item tracking making better error messages for this, tracked as bug 2448310 in our internal DB. |
Got it. Thanks for the info @tehcrashxor |
I created a new admin authentication profile for GCC instance. The admin feature worked after the authentication profile was saved. The next day when i tried to use the same 'ADMIN' profile, i ended up getting the following error message:
*Error: AADSTS70043: The refresh token has expired or is invalid due to sign-in frequency checks by conditional access. The token was issued on 2022-02-01T19:57:21.3802393Z and the maximum allowed lifetime for this request is 86400. *
Since my account uses MFA, i believe whatever token it had saved at the time of creation probably is expired and needs a new token to authenticate. Currently i don't see any option within 'pac admin' module to do that.
Am i supposed to delete my saved ADMIN profile and recreate new ADMIN profile to get the admin feature working again?
The text was updated successfully, but these errors were encountered: