Skip to content

US Government cloud sign‑in succeeds but no refresh token is cached. #1368

New issue
New issue
Open
Open
US Government cloud sign‑in succeeds but no refresh token is cached.#1368
Labels
info-neededSee https://aka.ms/azcodeissuereporting
@jacobrsyntaxindustries

Description

@jacobrsyntaxindustries
jacobrsyntaxindustries
opened on Feb 14, 2026

Environment:

VS Code: 1.109
OS: MacOS 26.2 (25C56)
Azure Resources extension: 0.12.0
Identity: Azure US Government
Authority: https://login.microsoftonline.us (USGovernment)
ARM audience: https://management.usgovcloudapi.net/.default (Gov ARM)

Issue:

Interactive sign‑in to Azure US Government completes successfully, but no refresh token is persisted in the VS Code MSAL cache for the ARM audience. Immediately after “returned session,” all silent acquisitions fail with: InteractionRequiredAuthError: no_tokens_found

This happens both when using the built‑in USGovernment cloud selector and when using a Custom sovereign profile. The same account works in Azure CLI against AzureUSGovernment, confirming the tenant and AAD policies are healthy and the issue is within the VS Code authentication flow.

This symptom matches earlier sovereign‑cloud bugs fixed in 2023 (login succeeded but ARM tokens failed / weren’t cached). See microsoft/vscode#198562 and the fix in microsoft/vscode-azuretools#1627.

Logs:

from Microsoft Authentication:

2026-02-13 23:29:57.583 [info] [getSessions] [499b84ac-1321-427f-aa17-267ca6975798/.default offline_access] starting
2026-02-13 23:29:57.619 [info] [getAllSessionsForPca] [...] [s******u@**********.onmicrosoft.us] failed to acquire token silently, skipping account {"errorCode":"no_tokens_found","errorMessage":"No refresh token found in the cache. Please sign-in.","name":"InteractionRequiredAuthError"}
2026-02-13 23:29:57.643 [info] [getSessions] [https://management.azure.com/.default] starting
2026-02-13 23:29:57.644 [info] [...] failed to acquire token silently ... no_tokens_found

from Microsoft Sovereign Authentication:

2026-02-13 23:29:50.382 [info] [getSessions] [https://management.core.usgovcloudapi.net/.default] starting
2026-02-13 23:29:52.148 [info] [createSession] [https://management.core.usgovcloudapi.net/.default] starting
2026-02-13 23:29:57.582 [info] [createSession] [https://management.core.usgovcloudapi.net/.default] returned session
2026-02-13 23:29:57.643 [info] [getSessions] [https://management.usgovcloudapi.net/.default] starting
2026-02-13 23:29:57.645 [info] [getAllSessionsForPca] [...] [s******u@**********.onmicrosoft.us] failed to acquire token silently ... no_tokens_found
(repeats)

Notes:

I also reproduced with the custom environment to the same issue.

Metadata

Metadata

Assignees

No one assigned

    Labels

    info-neededSee https://aka.ms/azcodeissuereporting

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions