Pardon me, I just found another thing that could need attention.
settings/account - if you try to sign in and cannot pass the MFA request, "Sign out" and "Switch button" are greyed out, so you cannot change the user unless you complete the login attempt with MFA.
Generally speaking, I do not understand the concept of why the login to Azure is a session- and user-based login, especially when the Gateway is used by different admins on a central management VM, as recommended by Microsoft. I would understand it more if admins accessed WAC individually from their own Windows clients using their Azure credentials instead.
IMHO it would be feasible for the WAC "app" sign-in to be somehow permanent, using an Azure service account, as with Azure Stack HCI clusters, while the authentication to WAC defines the permissions as defined in Azure / IAM.
What do you think about it?
> https://feedback.azure.com/d365community/idea/bd31c0be-d047-ee11-a81c-000d3a040137