Log in to the Azure Active Directory Graph
aad login [options]
||output usage information|
||The type of authentication to use. Allowed values
||Name of the user to authenticate. Required when
||Password for the user. Required when
||Path to the file with certificate private key. Required when
||Certificate thumbprint. Required when
||Runs command with verbose logging|
||Runs command with debug logging|
The 'aad connect' command is deprecated. Please use 'aad login' instead.
aad login command you can log in to the Azure Active Directory Graph to manage your AAD objects.
By default, the
aad login command uses device code OAuth flow to log in to the AAD Graph. Alternatively, you can authenticate using a user name and password or certificate, which are convenient for CI/CD scenarios, but which come with their own limitations. See the Office 365 CLI manual for more information.
When logging in to the AAD Graph, the
aad login command stores in memory the access token and the refresh token. Both tokens are cleared from memory after exiting the CLI or by calling the aad logout command.
When logging in to the AAD Graph using the user name and password, next to the access and refresh token, the Office 365 CLI will store the user credentials so that it can automatically re-authenticate if necessary. Similarly to the tokens, the credentials are removed by re-authenticating using the device code or by calling the aad logout command.
When logging in to the AAD Graph using a certificate, the Office 365 CLI will store the contents of the certificate so that it can automatically re-authenticate if necessary. The contents of the certificate are removed by re-authenticating using the device code or by calling the aad logout command.
To log in to the AAD Graph using a certificate, you will typically create a custom Azure AD application. To use this application with the Office 365 CLI, you will set the
OFFICE365CLI_AADAADAPPID environment variable to the application's ID and the
OFFICE365CLI_TENANT environment variable to the ID of the Azure AD tenant, where you created the Azure AD application.
Log in to the AAD Graph using the device code
Log in to the AAD Graph using the device code in debug mode including detailed debug information in the console output
aad login --debug
Log in to the AAD Graph using a user name and password
aad login --authType password --userName firstname.lastname@example.org --password pass@word1
Log in to the AAD Graph using a certificate
aad login --authType certificate --certificateFile /Users/user/dev/localhost.pfx --thumbprint 47C4885736C624E90491F32B98855AA8A7562AF1