AuthorizationFailure when using different Entra account #306
Description
We have a setup where we have a different entra account for elevated purposes. I assume this is why i get the following error:
[2026-02-02T12:52:36.358Z] Executing 'DfmGetOrchestrationsFunction' (Reason='This function was programmatically called via the host APIs.', Id=6181332c-f45c-4f15-954a-b2f4bca06bb9)
[2026-02-02T12:52:36.823Z] DFM failed
[2026-02-02T12:52:36.823Z] DurableTask.AzureStorage: This request is not authorized to perform this operation. Microsoft.WindowsAzure.Storage: This request is not authorized to perform this operation.
[2026-02-02T12:52:36.824Z] Executed 'DfmGetOrchestrationsFunction' (Succeeded, Id=6181332c-f45c-4f15-954a-b2f4bca06bb9, Duration=490ms)
When trying to "Attach" to a storage account.
The reasoning for me being suspicious about this is that my accounts are set up this way:
-
Primary (Entra account logged in on Windows and used for login on PC)
Test: Contributor
Staging: Read
Production/Read -
Priveledged (Entra account logged in on windows, but not used for logging in on PC)
Test: Read
Staging: Contributor
Production: Contributor
I am able to view all 3 storage accounts in the "Durable Functions" viewer in the Azure tab in VS Code, but i am only able to connect to the one in test where i have Contributor access.
However i am not able to switch to my priveledged account and get access to either Staging or Production. I have tried:
- Logging out of all accounts in VS Code - restart - try again
- Logging in with only the priveledged account
- Logging in with both accounts at the same time