Microsoft Azure logo

How to refresh all Az CLI subscriptions?

3 min read.

This article explains how to “reactivate” all of your accounts stored in your az account by refreshing your sessions. You might need this if you suddenly run into a script that needs to iterate all of your subscriptions without you being there to sign in to each one of them. Having a recently active session for each will help, and you can run your massive script unattended overnight or something like that :)

But let’s take a step back – what’s the issue we’re dealing with here?


Microsoft is making a push towards using Azure Command-Line Interface (CLI) instead of the good-old PowerShell. And maybe, just maybe, there’s some community pull as well… But let’s not get there.

If you’re a hardened consultant, or maybe a developer, or perhaps even an IT or Cloud Admin, you are likely to have a few different Azure environments to connect to. And that means your Az CLI will also remember quite a few different subscriptions that you have or have had access to!

Now, every now and then, you might need to programmatically connect to multiple accounts or even loop through every single account you’ve ever added to your Az CLI. You can enumerate these by running az account list –all, which returns quite a hefty JSON.

But some of these returned accounts don’t actually have an active session – and to get one, you might need to sign in again. But that in the middle of a large script that performs some interesting steps for each subscription is quite a major pain in the behind – is there a convenient way to avoid it?


Well, there absolutely is (which I’m sure you guessed since you’re here), and it’s fairly straightforward. You just need to sign in to each one of them once, and the session will stay active for a while – so after signing in to all of them in a loop, you’re good to run another script that can be left unattended.

Okay, so I’m sure this is just one option, but here we go:

Time needed: 30 minutes

How to refresh all Az CLI subscriptions?

  1. Enumerate all of your accounts and store them in a variable

    The first thing is to actually fetch all of the accounts you have, and store them in an easily accessible (is “loopable” a word?) form. PowerShell has a super handy “ConvertFrom-Json” commandlet, which will help us here:

    $Subscriptions = az account list --all | ConvertFrom-Json

  2. Loop through the accounts and run az login for each

    Iterating the accounts, and running az login for each one is our next step. The actual script to do this is shared at the end of the article, but this part will look somewhat like this:

    foreach ($s in $Subscriptions)
    Write-Host "Signing into " $s.tenantId
    az login --tenant $s.tenantId

    Note that you might want to do this just once per subscription – you might have multiple accounts per one subscription, and you’ll likely only need one to be signed in.

  3. Sign in any times the script asks you to

    And now comes the painful part – you’ll need to log in to each and every tenant… 😅

The whole script looks somewhat like this:

$Subscriptions = az account list --all | ConvertFrom-Json

$lastSubId = "0"
foreach ($s in $Subscriptions) {
    if ($lastSubId -eq $s.tenantId) {
        Write-Host "Skipping, tenantId was the same as last one..."
    else {
        Write-Host "Signing into " $s.tenantId
        az login --tenant $s.tenantId
        $lastSubId = $s.tenantId

… and then you’ll just have to log in if a browser window pops up. And if you have hundreds of subscriptions, as you might have, you have a lot of windows to log into :)

5 2 votes
Article Rating
Notify of

Inline Feedbacks
View all comments