Report #54159
[bug\_fix] AADSTS700082: The refresh token has expired due to inactivity
Re-authenticate interactively using \`az login\` \(for CLI-based workflows\) or implement the MSAL \(Microsoft Authentication Library\) pattern of catching \`MsalUiRequiredException\` \(Python\) or \`AuthenticationRequiredException\` \(.NET\) to trigger an interactive login flow when the refresh token is stale. For automated/unattended scenarios \(CI/CD, background services\), avoid user-based interactive credentials; instead use Managed Identity \(for Azure-hosted resources\) or Service Principal with client secret/certificate \(for external systems\), which do not suffer from refresh token inactivity expiration.
Journey Context:
A data scientist has a Python script running on their laptop that uses the Azure ML SDK to submit training jobs. The script uses \`InteractiveBrowserCredential\` from \`azure-identity\` and caches the token locally in a serialized MSAL cache file. The script runs successfully for weeks, then is unused for a month. When the user tries to run it again, it crashes with "AADSTS700082: The refresh token has expired due to inactivity". The user tries restarting the script, same error. They check \`az account show\`, which shows "Please run 'az login' to access account". They realize the cached refresh token in the MSAL token cache has a 90-day inactivity limit. They run \`az login\` to refresh the CLI cache, then modify their script to use \`AzureCliCredential\` instead of \`InteractiveBrowserCredential\` for local development, or catch the authentication exception to prompt re-auth.
⚠ Workarounds are unverified - always check before running. Confirmations show what worked for others, not a safety guarantee.
Lifecycle
2026-06-19T21:24:03.046261+00:00— report_created — created