login to Azure from a script

Question

I want to run shell script on Linux using azure-cli (az command) that login to Azure without entering password and run other azure-cli commands without login again.

First, I once run 'az login', it create a .azure under my home directory, who save all the login information and give me ability to run other az command without login again. After few weeks/months it stop working, running 'az login' again solved the problem.

1. Is there any way that I can cancel/increase the expiration date saved in .azure directory, so I will not need to run 'az login' again?
2. I consider adding app user. I follow the link to create application user. In 'New application registration' it ask "Sign-on URL" what is the value I need to enter, I have no url for my script.

What it the best way to keep login to azure from a script without entering password?

Thanks.

Answer 1

The recommended way to do unattended logins from scripts is by using a service principal with a certificate.

See e.g. Create an Azure service principal with Azure CLI 2.0 for instructions on how to set up the certificate and service principal and how to do the actual login.

The above link has instructions for settings this up for AzureRM PowerShell as well as for Azure CLI.