MG Graph 2.26/2.26.1 tries to authenticate every time while running cmdlet and throws error. No issues with 2.25 #3203
Description
Describe the bug
I have installed latest version of MG Graph PS module i.e. 2.26/2.26.1 on Windows 11 device. Post authenticating it using Connect-mggraph command it will again prompt for authentication for any cmdlet I am running and it fails with the error (mentioned in below screenshot) without letting me select the account for authentication.
With PowerShell 7 it works but it fails with PowerShell 5.1. It all works well with version 2.25 on the same machine with PowerShell 5.1 itself.
Its same issue with all the machines in my office. Please suggest.
Expected behavior
It is expected to return desired output from the other cmdlets without prompting for authentication post completing authentication through Connect-MgGraph.
How to reproduce
Below are the steps I am following on Window 11 device with Powershell 5.1 to reproduce the issue:
- Launch Powershell 5.1
- Run Connect-MgGraph for authencation.
- Authenticate by providing email address and password.
- Run any other MgGraph Cmdlet on Powershell. It again prompts for authentication and fails.
SDK Version
2.26.1
Latest version known to work for scenario above?
2.25
Known Workarounds
As a workaround, we are installing version 2.25 of Mg Graph PS module and it works without any error.
Debug output
DEBUG: [Authentication]: - AuthType: 'Delegated', TokenCredentialType: 'InteractiveBrowser', ContextScope: 'CurrentUser', AppName: 'Microsoft Graph Command Line Tools'.
DEBUG: [Authentication]: - Scopes: [AccessReview.ReadWrite.All, AppCatalog.Read.All, Application.Read.All, Application.ReadWrite.All, AppRoleAssignment.ReadWrite.All,
AuditLog.Read.All, BitlockerKey.Read.All, Calendars.Read, Calendars.ReadBasic, Calendars.ReadWrite.Shared, Chat.Read, Chat.ReadBasic, Chat.ReadWrite, ChatMessage.Send,
ConsentRequest.ReadWrite.All, DelegatedPermissionGrant.ReadWrite.All, Device.Read.All, Device.ReadWrite.All, DeviceManagementApps.Read.All,
DeviceManagementApps.ReadWrite.All, DeviceManagementConfiguration.Read.All, DeviceManagementConfiguration.ReadWrite.All,
DeviceManagementManagedDevices.PrivilegedOperations.All, DeviceManagementManagedDevices.Read.All, DeviceManagementManagedDevices.ReadWrite.All,
DeviceManagementRBAC.Read.All, DeviceManagementServiceConfig.Read.All, DeviceManagementServiceConfig.ReadWrite.All, Directory.AccessAsUser.All, Directory.Read.All,
Directory.ReadWrite.All, email, EntitlementManagement.ReadWrite.All, Files.Read.All, Group.Read.All, Group.ReadWrite.All, GroupMember.Read.All, GroupMember.ReadWrite.All,
IdentityRiskEvent.Read.All, IdentityRiskyUser.Read.All, Mail.Read, Mail.Send, openid, Organization.Read.All, Policy.Read.All, Policy.ReadWrite.ApplicationConfiguration,
Policy.ReadWrite.CrossTenantAccess, Presence.Read.All, profile, Reports.Read.All, RoleEligibilitySchedule.Read.Directory, RoleEligibilitySchedule.ReadWrite.Directory,
RoleManagement.Read.Directory, RoleManagement.ReadWrite.Directory, Sites.Manage.All, Sites.ReadWrite.All, Tasks.Read, Team.ReadBasic.All, TeamsAppInstallation.ReadForTeam,
TeamworkDevice.Read.All, User.Read, User.Read.All, User.ReadWrite.All, UserAuthenticationMethod.Read.All, UserAuthenticationMethod.ReadWrite.All,
WindowsUpdates.ReadWrite.All].
DEBUG: ============================ HTTP REQUEST ============================
HTTP Method:
GET
Absolute Uri:
https://graph.microsoft.com/v1.0/users
Headers:
FeatureFlag : 00000003
Cache-Control : no-store, no-cache
User-Agent : Mozilla/5.0,(Windows NT 10.0; Microsoft Windows 10.0.26100; en-US),PowerShell/5.1.26100.2161
Body:
DEBUG: [CmdletException]: Received exception with message 'AuthenticationFailedException - InteractiveBrowserCredential authentication failed: The browser based
authentication dialog failed to complete. Reason: The server has not found anything matching the requested URI (Uniform Resource Identifier). : at
Azure.Identity.CredentialDiagnosticScope.FailWrapAndThrow(Exception ex, String additionalMessage, Boolean isCredentialUnavailable)
at Azure.Identity.InteractiveBrowserCredential.d__52.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Azure.Identity.InteractiveBrowserCredential.d__50.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Microsoft.Kiota.Authentication.Azure.AzureIdentityAccessTokenProvider.d__14.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Microsoft.Graph.PowerShell.Authentication.Handlers.AuthenticationHandler.d__13.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Microsoft.Graph.PowerShell.Authentication.Handlers.AuthenticationHandler.d__12.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Microsoft.Graph.PowerShell.Users.<UserListUser_Call>d__457.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at Microsoft.Graph.PowerShell.Users.<UserListUser_Call>d__457.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Microsoft.Graph.PowerShell.Users.d__455.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Microsoft.Graph.PowerShell.Cmdlets.GetMgUser_List.d__88.MoveNext()'
Confirm
InteractiveBrowserCredential authentication failed: The browser based authentication dialog failed to complete. Reason: The server has not found anything matching the
requested URI (Uniform Resource Identifier).
[Y] Yes [A] Yes to All [H] Halt Command [S] Suspend [?] Help (default is "Y"): a
Get-MgUser : InteractiveBrowserCredential authentication failed: The browser based authentication dialog failed to complete. Reason: The server has not found anything
matching the requested URI (Uniform Resource Identifier).
At line:1 char:1
- Get-MgUser -debug
-
+ CategoryInfo : NotSpecified: (:) [Get-MgUser_List], AuthenticationFailedException + FullyQualifiedErrorId : Microsoft.Graph.PowerShell.Cmdlets.GetMgUser_List
DEBUG: [CmdletEndProcessing]: - Get-MgUser end processing
Configuration
OS: Windows 11 24H2 X64 (Error occurs on 23H2 as well)
Name Value
PSVersion 5.1.26100.2161
PSEdition Desktop
PSCompatibleVersions {1.0, 2.0, 3.0, 4.0...}
BuildVersion 10.0.26100.2161
CLRVersion 4.0.30319.42000
WSManStackVersion 3.0
PSRemotingProtocolVersion 2.3
SerializationVersion 1.1.0.1
Other information
No response