Using the Azure CLI

david.presuhn · December 12, 2025, 2:29pm

Does anyone have any experience using the Azure CLI? I’ve got a Fellow who is trying to script something and fails to authenticate. I wonder if we need to configure something in Azure or in Cumulocity to make the CLI work.

Thanks!

Tristan_Bastian · December 12, 2025, 4:12pm

Hi @david.presuhn,

If you could provide a bit more context of what you are trying to achieve, it would make it easier to help you.

Why would you need to make configuration changes in Cumulocity to use the Azure CLI?

Are you planning to use the Azure CLI inside of a microservice or why has Cumulocity any relevance here?

Do you intend to connect to your own (personal or business) Azure account or to which account?

david.presuhn · December 12, 2025, 4:48pm

Thanks Tristan!

That’s what I’m trying to figure out… do we need to do anything in Cumulocity or is it all on the Azure side?

We want to use Linux shell scripts to create application packages calling a custom microservice.

This would use our business Azure accounts. We apparently are authenticating against Azure successfully but lack sufficient permissions in Azure (or Cumulocity) to have the script run successfully. I’ll post an error message shortly.

david.presuhn · December 12, 2025, 5:09pm

Here’s what we’re seeing:

$ TENANT=“b5b8b483-5597-4ae7-8e27-fcc464a3b584”

$ API_URI=“api://cc6f867c-2973-4d4e-87c4-b1b45348e1db”

$ az login --tenant “$TENANT” --scope “$API_URI/.default”

A web browser has been opened at https://login.microsoftonline.com/b5b8b483-5597-4ae7-8e27-fcc464a3b584/oauth2/v2.0/authorize. Please continue the login in the web browser. If no web browser is available or if the web browser fails to open, use device code flow with `az login --use-device-code`.

AADSTS650057: Invalid resource. The client has requested access to a resource which is not listed in the requested permissions in the client’s application registration. Client app ID: 04b07795-8ddb-461a-bbee-02f9e1bf7b46(Microsoft Azure CLI). Resource value from request: api://cc6f867c-2973-4d4e-87c4-b1b45348e1db. Resource app ID: cc6f867c-2973-4d4e-87c4-b1b45348e1db. List of valid resources from app registration: . Trace ID: 99d1b6c2-e4f1-4f1b-8afa-8ab445127500 Correlation ID: cdf6a8c8-9ee3-473d-9e51-5a76a5b6562d Timestamp: 2025-12-12 17:01:48Z

Looking at this, it looks like 2FA needs to happen; I’m going to assume that’s done successfully. It looks to me like we need to add something to the app registration in Azure - realizing we’re Cumulocity and not Azure experts…

Tristan_Bastian · December 12, 2025, 7:22pm

As this issue does not seem to be related to Cumulocity at all, please raise your question in an Azure related forum.

Topic		Replies	Views
Sso configuration using Azure AD in Cumulocity Forum cumulocity	2	348	August 18, 2024
Getting error on running c8y client cli Forum cumulocity	12	991	August 22, 2023
SSO Configuration with Azure AD Forum authentication , sso , platform-services	2	107	January 9, 2025
C8Y SSO Azure B2C Forum cumulocity	2	408	April 2, 2021
Integration with Microsoft Azure Event Hubs using Cumulocity Notification 2.0 API Knowledge Base analytics , cumulocity	0	853	December 13, 2023

Using the Azure CLI

Related topics