Forum Discussion
Azure VM Automation Task failed with access token not matching the tenant
I have just 1 single login and subscription in my Azure account. I try to create an Automation Task to auto-start my VM daily via Azure Portal. Then I got a "failed" result on its run with the below error message.
"error": {
"code": "InvalidAuthenticationTokenTenant",
"message": "The access token is from the wrong issuer 'https://sts.windows.net/f8cdef31-a31e-4b4a-93e4-5f571e91255a/'. It must match the tenant 'https://sts.windows.net/0fb36e4a-946c-49c3-b50e-99a0b5d1ecc7/' associated with this subscription. Please use the authority (URL) 'https://login.windows.net/0fb36e4a-946c-49c3-b50e-99a0b5d1ecc7' to get the token. Note, if the subscription is transferred to another tenant there is no impact to the services, but information about new tenant could take time to propagate (up to an hour). If you just transferred your subscription and see this error message, please try back later."
}
I have no idea why the access token will come from a wrong issuer by default! The the authority (URL) the error message mentioned cannot be accessed! How to make a match for the access token and the tenant!
Please make sure:
Tenant ID or subscription ID is correct in the configuration file
Make sure Azure CLI is logged in with the correct account
- Found that if I follow the below video to use the VM Task (Preview) auto-generate the Logic App, the Authentication will be in trouble by default!
https://learn.microsoft.com/en-us/shows/it-ops-talk/auto-shutdown-and-auto-start-an-azure-vm
I follow the below steps can solve the problem.
https://learn.microsoft.com/en-us/answers/questions/405123/azure-logic-app-azure-vm-connector-invalidauthenti
To make it easier, the Marketplace also has "Start/Stop VMs during off-hours (V2)" can save some of my troubles. I follow the steps in this video.
https://www.youtube.com/watch?v=MjM0N6N12NA
