Connect-AzAccount - how to avoid azure device authentication?
1.To login with the user account, try the command as below, make sure your account doesn't enable the MFA(Multi-Factor Authentication).
$User = "xxx@xxxx.onmicrosoft.com"$PWord = ConvertTo-SecureString -String "<Password>" -AsPlainText -Force$tenant = "<tenant id>"$subscription = "<subscription id>"$Credential = New-Object -TypeName "System.Management.Automation.PSCredential" -ArgumentList $User,$PWordConnect-AzAccount -Credential $Credential -Tenant $tenant -Subscription $subscription
2.You can also use a service principal to login, use the command as below.
$azureAplicationId ="Azure AD Application Id"$azureTenantId= "Your Tenant Id"$azurePassword = ConvertTo-SecureString "strong password" -AsPlainText -Force$psCred = New-Object System.Management.Automation.PSCredential($azureAplicationId , $azurePassword)Connect-AzAccount -Credential $psCred -TenantId $azureTenantId -ServicePrincipal See a similar issue I answered here, it use the old AzureRM module, for Az, just change the last line.
If you are not familiar with service principal, Also see : How to: Use the portal to create an Azure AD application and service principal that can access resources, the application id and authentication key are the Azure AD Application Id and strong password you need.
You have 2 options.
Sign in with credentials (Requires Az.Accounts v 1.2.0 or higher)
You can also sign in with a PSCredential object authorized to connect to Azure. The easiest way to get a credential object is with the Get-Credential cmdlet. When run, this cmdlet will prompt you for a username/password credential pair.
$creds = Get-CredentialConnect-AzAccount -Credential $credsSign in with a service principal
Service principals are non-interactive Azure accounts. Like other user accounts, their permissions are managed with Azure Active Directory. By granting a service principal only the permissions it needs, your automation scripts stay secure.
To learn how to create a service principal for use with Azure PowerShell, see Create an Azure service principal with Azure PowerShell.
Source: https://docs.microsoft.com/en-us/powershell/azure/authenticate-azureps?view=azps-1.3.0
If Multi Factor Enabled then also below logic should work
$clientId = "***********************" $clientSecret = "********************" $tenantId = "***********************" $tempPassword = ConvertTo-SecureString "$clientSecret" -AsPlainText -Force $psCred = New-Object System.Management.Automation.PSCredential($clientId , $tempPassword) Connect-AzAccount -Credential $psCred -TenantId $azureTenantId -ServicePrincipal