![PowerShell, Azure : Access Azure AD via CLI with MFA](/content/images/2023/06/powershell-list-7-22-14-2-1--1--1--1--1--1--1--1-.png)
A pretty simple one but something that seems to stump a lot of people. Much of the guidance around connecting to Azure AD suggests you do the following, :
Connect-AzureAD -Credential (Get-Credential)
Which is fine for accounts without MFA but lets break this down and we can see why it wont work for accounts with MFA.
- 'Connect-AzureAD' - A function that is part of the Azure AD module.
- '-credential' - An argument passed to the previous command.
- '(Get-Credential)' - The value we are passing is the result of the 'Get-Credential' function. This function only has the ability to collect username and password
So we can see that 'Get-Credential' is the problem, and if we run that command we can see it in action.
![](https://grumpy.tech/content/images/2023/06/image-6.png)
So how do we get passed this if we are trying to log in via a MFA user? Well its much more simple that you would expect.
Connect-AzureAD
The same command without any arguments will prompt the M365 login page your are probably familiar with and will take you via your choses MFA method automatically.
![](https://grumpy.tech/content/images/2023/06/image-7.png)
Once you have negotiated authentication you will get the familiar summary of your current session.
![](https://grumpy.tech/content/images/2023/06/image-8.png)
This is all good and well if you are directly working on something but how would you do this in a scheduled script? Well that dear readers will the subject of another article.