2

Hired a new developer for my team and he's got Azure Devops access to repos and boards and is able to login to the Azure Government portal via his company appointed .onMicrosoft.com email account. He gets this issue when trying to sign into that .onMicrosoft.com on Visual Studio Community 2022.

Sign-in error code: 65002

Failure reason: Consent between first party application '{applicationId}' and first party resource '{resourceId}' must be configured via preauthorization - applications owned and operated by Microsoft must get approval from the API owner before requesting tokens for that API.

Additional Details
A developer in your tenant may be attempting to reuse an App ID owned by Microsoft. This error prevents them from impersonating a Microsoft application to call other APIs. They must move to another app ID they register in portal.azure.com.

Here's the steps that have been done thus far with no luck:

  • Changed password on portal login
  • Made sure to match all permissions with other users through all resources
  • Deleted the %localappdata%.identityservice folder
  • Deleted all browser cookies and local storage
  • Deleted the account and then recreated it (as well as reestablished resource IAM permissions)

Also Can't seem to find the applicationId nor resourceId when looking through all apps in App Registrations

Chuck Gaffney
  • 256
  • 3
  • 9
  • 1
    This seems awfully similar https://stackoverflow.com/questions/73724694/visual-studio-2022-community-edit-sign-in-error and posted within 10 minutes of your post. Could be a wider issue? – Timothy G. Sep 15 '22 at 13:53
  • Could be. I saw today that there was an update to VS 2022 so it might be a platform wide issue. I did manage somewhat of a fix today that I'll post here. It's an odd way to partially fix it but definitely seems to point to a bug in VS 2022 with the sign on token – Chuck Gaffney Sep 15 '22 at 18:56
  • Can you please confirm below things? -Is user getting this error on apple devices and it is fine on windows? -Was objectguid of email account used for login was changed recently? – darshan bane Sep 26 '22 at 12:41
  • 1
    I am facing the same issue with my VS 2022 professional. Can connect to Azure services anymore, seems like the trust between VS and Azure is gone. @ChuckGaffney, how did you fix your issue? – Strwase Sep 30 '22 at 07:49
  • Spoke with MS devs and it indeed is VS's new ID not being authorized by Azure. I was able to help the MS team identify the issue; it was related to the fact that they changed VS app ID and (potentially in Azure Government) something wasn't authorizing the VS app. To temp fix it until their patch, go to Tools --> Environment --> Preview Features and uncheck 'Use new identity service client configuration(requires restart)' This will restore VS to the older app ID. – Chuck Gaffney Oct 03 '22 at 19:06

1 Answers1

3

Spoke with MS devs and it indeed is VS's new ID not being authorized by Azure. I was able to help the MS team identify the issue; it was related to the fact that they changed VS app ID and (potentially in Azure Government) something wasn't authorizing the VS app. To temp fix it until their patch, go to Tools --> Environment --> Preview Features and uncheck 'Use new identity service client configuration(requires restart)' This will restore VS to the older app ID.

Was told as of this posting that they identified it locally and will patch this soon.

Chuck Gaffney
  • 256
  • 3
  • 9
  • 1
    Thank this fixed it for me with Visual Studio 17.3.6 – Rodrigo Groener Oct 19 '22 at 11:06
  • I'm experiencing the same issue again in Visual Studio 17.4.5. Sadly the 'Use new identity service client configuration' option is not in the Preview features list anymore. – Perneel Feb 21 '23 at 10:37