I have followed the steps in managing a local AD adding the new application, and granting all the rights to the application.

But when i login to that application, my existing subscription details are not listed.

I had an organizational account with MFA enabled, but login worked fine with CLI (0.9.6) until yesterday (both for asm and arm mode). error: Get Token request returned http error: 400 and server response: I'm not able to figure out why.

error validating forecaster login-41error validating forecaster login-79error validating forecaster login-44

It drives me nuts having to waste hours on this when it could have been communicated in a dozen places on MSDN and other places.

Why would you tell customers to disable multi-factor authentication on their accounts that access Microsoft Azure resources? Please also fix the error messages, because if a user with MFA login with regular password, the error in log is: "AADSTS50076: Application password is required.

Per guiding users to disable MFA, I don't believe that is the route we've espoused.

When asked, we generally guide people to using service principals rather than disabling MFA.

Certificate authentication is currently only available for Azure Service Management (Azure rest api v1).

Azure Active Directory authentication is required for Azure Resource Manager (Azure rest api v2).Once you have provisioned the application in the tenant, you will get related service principal id and key, which you can log in with that.But to access individual azure resources, you still need to login as an account with enough permission to grant the access so called RBAC. @devigned If it is already very well known that MFA is not supported with azure-cli (and Power Shell), how come this is not communicated anywhere other than on this issue here on Git Hub?Correcting this issue is at the very top of the CLI priority list. [[email protected] azure-xplat-cli]$ node bin/azure login -u [email protected] xxxxxxx info: Executing command login \info: Looks like you have Multi-factor authentication enabled. \info: To sign in, use a web browser to open the page If you're signing in as an Azure AD application, use the --username and --password parameters.I assure you this has our attention and is being remedied. Then I used code CBTTZGT52 in and it successfully authenticated me in phone authenticator and asked me to close the window.azure login --service-principal info: Executing command login warn: Please note that currently you can login only via Microsoft organizational account or service principal.