we have a problem when trying to use Azure DevOps service connection with federation service principal. Looks like that the federation token is expired after 55 min and doesn’t refreshed automatically.
For the example I attached a very simple pipeline that in endless loop runs Set-AzContext to the same subscription ID
This pipeline failed after 56 iterations (with 1 min sleep between them), i.e. Exact time where the token was expired!
trigger: nonestages:- stage: "create_VM_report" jobs: - job: Cost_optimization displayName: Cost optimization report timeoutInMinutes: 240 pool: vmImage: "ubuntu-latest" steps: - task: AzurePowerShell@5 displayName: federation service connection test inputs: azureSubscription: 'lz-service-connection-ro' ## federation ScriptType: 'InlineScript' Inline: | \## endless loop $i = 0 while ($true) { Write-Host "Loop number: $i" Set-AzContext -SubscriptionId ‘\<put your subs ID\>' ## itbtg-ccoe-lab Start-Sleep -Seconds 60 $i++ } azurePowerShellVersion: 'LatestVersion' pwsh: true Error message: Loop number: 55 WARNING:Unable to acquire token for tenant '' with error'A configuration issue is preventing authentication Original exception: AADSTS700024: Client assertion is not within its valid time range. expiry time of assertion