I have a pipeline with an on prem Azure DevOps agent that is loaded with packer so that I can use the packer image build step. After changing my password and installing the azure cli the pipeline failed with status code 400.
Error: Invalid Grant
Error Description: AADSTS50173: The provided grant has expired due to it being revoked, a fresh auth token is needed. The user might have changed or reset their password. The grant was issued on ‘{{ timestamp }}’ and the TokensValidFrom date (before which tokens are not valid) for this user is ‘{{ timestamp }}’
Quick troubleshooting: Use an Azure Hosted agent which worked but I wanted to use the on prem agent.
Fix: Delete the auth tokens from the agent .
If you look at the logs you see that the packer task is loading the token from a specific location. That might not be able to be refreshed.
So I went into the agent cd to the location and deleted the tokens:
The Azure Agent worked since those are destroyed at every run so a new token was generated. After deleting the tokens I was able to successfully run the pipeline.