Hacker News

Azure AD is a nightmare. I don't know how many of you sign in to multiple tenants in the console, but it generally involves buying a new computer.


> I don't know how many of you sign in to multiple tenants in the console, but it generally involves buying a new computer.

This made me laugh out loud. I'm working in a multi-tenant, multi-subscription environment with Azure AD just now. MS force you to use 2FA and I picked the wrong 2FA app.

Now it's completely and utterly comical trying to work out which generated 2FA auth code I need to key in when auth'ing in Visual Studio because there are absolutely no visual cues as to which subscription it's trying to authenticate to. You can't tell VS that "I'm only interested in auth'ing to this particular subscription". Now it prompts me for almost every subscription we use and it's a whack-a-mole experience. They really need to fix the UI/UX in VS for this.

Of course when it comes to mandatory password change time I have to go through this pain all over again.


I’m setting up a system with multiple AAD B2C tenants, so I get the joy of switching back and forth between the primary tenant and the B2C tenants frequently (at least until I can finish automating enough of the B2C provisioning bits).

I don’t yet have enough context to fully evaluate against Cognito. It may end up being nice to have B2C as a first class AAD tenant, but until I get far enough along to realize those benefits, there will be a lot more cursing under my breath about the need for another layer of identity and the lack of control plane access through Azure Resource Manager APIs/tooling.


I have multiple Chrome profiles for this. However, despite switching from one subscription to another to access each different AAD tenant across multiple Chrome profiles, it seems that Azure "remembers" the subscription you last accessed, across profiles. It's as if the last subscription you accessed is tagged to your Azure user server side rather than being a blob of client side state. This is deeply annoying as well, especially when your sessions expire...


Firefox containers is the solution to this headache for almost every multi-tenanted service. I used to have it installed only for those tasks when I was working in consultancy.


Firefox containers aren't a patch on Chrome profiles (which I did mention I was using). I'd switch to Firefox in a New York minute if they fixed the profile management UX (about:profiles).


YES. I have the dubious honor of needing to use at least 4 different Teams tenants over the course of a week and it is enough to make me want to pitch my computer into the sea. App, browser, private browser - doesn't seem to matter. When I try to sign in, Microsoft will pick one of the tenants seemingly at random, regardless of what URL I use, and try to sign me in - of course, since there is usually no visual cue as to which tenant I'm looking at, I just put in a password and pray.


Use browser profiles, choose a different profile picture for each, then use one profile per tenant. Done.


Firefox Multi-Account Containers extension. I couldn't live without it.


I use it, but since the Azure portal uses the URI fragment, it still requires constructing the correct URL in the correct container. One mistaken URL will obliterate the container, and restoring it requires deleting windowsazure.com, microsoftonline.com, portal.azure.com, and another one that I can't remember right now.

You'd really have to try to make it so screwy.

It's kind of a shame. Like most things, Azure was better when it was smaller. I loved the first version of functions.


It involves a lot of private browsing sessions which is actually MS's recommendation!

What a PITA.


Nah I just set up a 2nd browser profile, and they both stay signed in. It’s a breeze.


Or Firefox containers?


Almost no one, probably.



