az-login
Authenticate with Azure
TLDR
Login interactively
SYNOPSIS
az login [options]
DESCRIPTION
az login authenticates the Azure CLI with your Azure account. It supports multiple authentication methods including interactive browser login, service principals, managed identities, and device code flow.
The command stores authentication tokens locally for subsequent Azure CLI commands.
PARAMETERS
--service-principal
Login as service principal-u, --username name
Username or app ID-p, --password password
Password or certificate--tenant id
Tenant ID or domain--identity
Login using managed identity--use-device-code
Use device code authentication--allow-no-subscriptions
Allow login without subscriptions--scope scope
OAuth scope for login
AUTHENTICATION METHODS
Interactive (default)
Opens browser for authenticationService Principal
Automated authentication for applicationsManaged Identity
For Azure resources (VMs, App Service, etc.)Device Code
For systems without browser access
WORKFLOW
az login
# Select subscription
az account set --subscription "My Subscription"
# Verify login
az account show
CAVEATS
Tokens stored in ~/.azure directory. Interactive login requires browser. Service principal credentials should be secured. Managed identity only works on Azure resources. Multiple logins create multiple contexts.
HISTORY
az login has been part of Azure CLI since version 2.0 in 2017, supporting various authentication methods as Azure's identity platform evolved.
SEE ALSO
az(1), az-logout(1), az-account(1)
