I am trying to connect to Azure non-interactively via on-prem Azure DevOps to apply SQL migrations. I created an App Registration in Azure AD, with a corresponding client secret.
When I run
$appId = {Guid}
$clientSecret = {secret value}
$securePassword = ConvertTo-SecureString -String $clientSecret -AsPlainText -Force
$tenantId = {Guid}
$credential = New-Object -TypeName System.Management.Automation.PSCredential @{ UserName = $appId; Password = $securePassword }
Connect-AzAccount -ServicePrincipal -TenantId $tenantId -Credential $credential
in accordance with the documentation at https://learn.microsoft.com/en-us/powershell/module/az.accounts/connect-azaccount?view=azps-10.2.0 (see Example 3), I get an unexpected error message:
No certificate thumbprint or secret provided for the given service principal ''. Could not find tenant id for provided tenant domain '{Guid}'. Please ensure that the provided service principal '' is found in the provided tenant domain.
I cannot find any information on this error message, and it seems inconsistent with my parameters/arguments.
How can I fix this to get a working connection? (I can confirm that I'm running Az version 10.2.0, and PowerShell 7.3.5.)
Your $credential variable is blank, because you're incorrectly supplying the username and password as a hash table.
PSCredential is expecting 2 string values (username and password), which can be passed as space-separated values, or as an array.
$credential = New-Object -TypeName System.Management.Automation.PSCredential $appId, $securePassword
$credential = New-Object -TypeName System.Management.Automation.PSCredential @($appId, $securePassword)